• Resolved Garrett Hyder

    (@garrett-eclipse)


    Hello,

    I believe I’ve seen this before, but found Wordfence is flagging Gravity Forms as malicious:


    This file may contain malicious executable code: /home/ikbbcca/public_html/wp-content/plugins/gravityforms/common.php
    Filename: wp-content/plugins/gravityforms/common.php
    File type: Not a core, theme or plugin file.
    Issue first detected: 26 mins ago.
    Severity: Critical
    Status New
    This file is a PHP executable file and contains the word ‘eval’ (without quotes) and the word ‘base64_decode(‘ (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.

    I can ignore this, correct? Is there anything that can be done on Wordfence’s end to avoid this in future installs?

    Thanks

Viewing 2 replies - 1 through 2 (of 2 total)
  • Hi!
    Yes, you can choose to ignore until the file changes. I’m afraid there is nothing we can do about this: since you are running the scan with “high sensitivity”, we have to flag code that looks like that, or else we would risk missing some malware. If you don’t want to see the warning, don’t enable “high sensitivity” when scanning. It is usually not necessary to have that enabled unless you have some reason to suspect your site is infected.

    Hope that helps!

    Thread Starter Garrett Hyder

    (@garrett-eclipse)

    Thanks @wfasa,

    Appreciate the information. I’ll flag this to Gravity Forms to see if they want to do anything about their implementation to avoid being flagged.

    Closing ticket,
    Cheers

The topic ‘False Positive – Gravity Forms’ is closed to new replies.
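
The scan notice quoted in the first post describes a word-level rule: a PHP file containing both `eval` and `base64_decode(` is flagged. The sketch below is an added example, not Wordfence's scanner code and not part of the thread; it shows one way to triage such a hit by checking whether the two words are only text, separate calls, or a decode fed straight into `eval`. The function names, result labels and PHP samples are constructed for illustration.

```python
import re

# Comments and quoted strings: text the word match sees but PHP never runs as a call.
# Limitation of this sketch: heredoc/nowdoc bodies are not handled.
_NON_CODE = re.compile("|".join([
    r"/\*.*?\*/",          # block comment
    r"//[^\n]*",           # line comment
    r"#[^\n]*",            # hash comment
    r"'(?:\\.|[^'\\])*'",  # single-quoted string
    r'"(?:\\.|[^"\\])*"',  # double-quoted string
]), re.S)

# eval( ... base64_decode( with optional wrapper calls in between, e.g. gzinflate(
_NESTED = re.compile(r"\beval\s*\(\s*(?:@?\w+\s*\(\s*)*base64_decode\s*\(")

def coarse_match(src):
    """Word-level rule as worded in the scan notice (an approximation)."""
    return re.search(r"\beval\b", src) is not None and "base64_decode(" in src

def strip_non_code(src):
    """Blank out comments; reduce string literals to an empty '' placeholder."""
    return _NON_CODE.sub(lambda m: "''" if m.group(0)[0] in "'\"" else " ", src)

def classify(src):
    if not coarse_match(src):
        return "no-match"
    code = strip_non_code(src)
    has_eval = re.search(r"\beval\s*\(", code)
    has_b64 = re.search(r"\bbase64_decode\s*\(", code)
    if not (has_eval and has_b64):
        return "text-only"      # a word appears only in a comment or string
    if _NESTED.search(code):
        return "nested"         # decoded data goes straight into eval
    return "co-occurring"       # both are called; still needs a manual read

# Constructed PHP snippets; none of this is Gravity Forms code.
SAMPLES = {
    "strings_and_comments": '''<?php
// legacy note: never eval() user input
$raw = base64_decode($_POST['state']);
$js = "var r = eval('(' + resp + ')');";
''',
    "separate_calls": "<?php\n$cfg = unserialize(base64_decode($blob));\neval($template_code);\n",
    "decode_into_eval": "<?php eval(gzinflate(base64_decode('constructed-placeholder')));\n",
}

if __name__ == "__main__":
    for name, src in SAMPLES.items():
        print(f"{name}: coarse={coarse_match(src)} triage={classify(src)}")
```

All three samples trip the word-level rule, but only the last one is the pattern the notice warns about. A `co-occurring` result is not a clean bill of health, since a decoded value can reach `eval` through a variable.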