False positive

  • Resolved Ewout

    (@pomegranate)


    8 years, 6 months ago

    Hi! I got a user reporting that this plugin marked WooCommerce PDF Invoices & Packing Slips as malware:

    The plugin GOTMLS is flagging malware in woocommerce-pdf-invoices-packing-slips/vendor/sabberworm/php-css-parser/lib/Sabberworm/CSS/CSSList/CSSBlockList.php and remove lines 72-73

    
$sComparison = "\$bRes = {$oSelector->getSpecificity()} $sSpecificitySearch;";
eval($sComparison);

    to ‘repair the malware’.

    It looks like it’s the eval that’s triggering this (code here), but as far as I can see this is a false positive.

    Would it be possible to add this to a whitelist?

    Thanks!
    Ewout

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    8 years, 6 months ago

    Thanks for posting this code example here. This was in fact a false positive and my definition of this threat was not meant to match this code. I have release a new definition update to fix this issue so this code will no longer be flagged as a Known Threat.

    Thanks again for reporting this to me.

Viewing 1 replies (of 1 total)

The topic ‘False positive’ is closed to new replies.