Title: false &#039;eval&#039; detection
Last modified: August 21, 2016

---

# false 'eval' detection

 *  Resolved [Ewout](https://wordpress.org/support/users/pomegranate/)
 * (@pomegranate)
 * [12 years, 4 months ago](https://wordpress.org/support/topic/false-eval-detection/)
 * I received a report from someone that on of my plugins contained malicious code,
   detected by Wordfence.
 * > This file is a PHP executable file and contains the word ‘eval’ (without quotes)
   > and the word ‘urldecode’ (without quotes). The eval() function along with an
   > encoding function like the one mentioned are commonly used by hackers to hide
   > their code. If you know about this file you can choose to ignore it to exclude
   > it from future scans.
 * Now I looked into the code (it’s part of a library, not my code), and there’s
   no eval function in it. There _is_ an `$eval` string in there, but that’s completely
   harmless of course. Is there a possibility to detect whether it’s actually a 
   function and not a variable?
 * [https://wordpress.org/plugins/wordfence/](https://wordpress.org/plugins/wordfence/)

Viewing 1 replies (of 1 total)

 *  Plugin Author [Mark Maunder](https://wordpress.org/support/users/mmaunder/)
 * (@mmaunder)
 * [12 years, 4 months ago](https://wordpress.org/support/topic/false-eval-detection/#post-4592342)
 * Hi,
 * Please ask your customer to upgrade to the newest version of Wordfence where 
   we’ve improved detection so it won’t yield false positives. Version I think it
   was 4.0.2 was a little too sensitive but we’ve fixed that.
 * Regards,
 * Mark.

Viewing 1 replies (of 1 total)

The topic ‘false 'eval' detection’ is closed to new replies.

 * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865)
 * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordfence/)
 * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/)

## Tags

 * [eval](https://wordpress.org/support/topic-tag/eval/)
 * [false positive](https://wordpress.org/support/topic-tag/false-positive/)

 * 1 reply
 * 2 participants
 * Last reply from: [Mark Maunder](https://wordpress.org/support/users/mmaunder/)
 * Last activity: [12 years, 4 months ago](https://wordpress.org/support/topic/false-eval-detection/#post-4592342)
 * Status: resolved