Exploit scanner is finding malicious code in Invite Anyone

  • energynet

    (@energynet)


    13 years ago

    Hi,

    I’ve been working on cleaning up an old blog and ran the plugin called “Exploit Scanner”. The scan came back with 4 Severe sets of code warning of danger. They are listed below…

    wp-content/plugins/invite-anyone/group-invites/jquery.autocomplete/jquery.autocomplete-min.js:11
    Often used to execute malicious code

    The code —
    .show()}},processResponse:function(b){var a;try{a=eval(“(“+b+”)”)}catch(c){return}if(!d.isArray(a.data

    —end of code

    wp-content/plugins/invite-anyone/group-invites/jquery.autocomplete/jquery.autocomplete.js:289
    Often used to execute malicious code

    The code —
    response = eval(‘(‘ + text + ‘)’);

    — end of code

    wp-content/plugins/invite-anyone/group-invites/jquery.autocomplete/jquery-1.3.2.min.js:12
    Often used to execute malicious code

    The code —
    .src,async:false,dataType:”script”})}else{o.globalEval(F.text||F.textContent||F.innerHTML||””)}if(F.pa

    — end of code

    wp-content/plugins/invite-anyone/group-invites/jquery.autocomplete/jquery-1.3.2.min.js:19
    Often used to execute malicious code

    the code —

    )}if(typeof I===”string”){if(H==”script”){o.globalEval(I)}if(H==”json”){I=l[“eval”](“(“+I+”)”)}}return

    — end of code…

    Any suggestion on how to deal with this problem? It could be a false-positive, but Exploit scanner is a damn good system to dig out problems on wordpress blogs…

    http://ww.wp.xz.cn/extend/plugins/invite-anyone/

The topic ‘Exploit scanner is finding malicious code in Invite Anyone’ is closed to new replies.