Title: False Positive – Gravity Forms Last modified: January 10, 2017 --- # False Positive – Gravity Forms * Resolved [Garrett Hyder](https://wordpress.org/support/users/garrett-eclipse/) * (@garrett-eclipse) * [9 years, 5 months ago](https://wordpress.org/support/topic/false-positive-gravity-forms/) * Hello, * I believe I’ve seen this before but found Wordfence is flagging Gravity Forms as malicious; * > [View post on imgur.com](https://imgur.com/qFTe34R) * This file may contain malicious executable code: /home/ikbbcca/public_html/ wp-content/plugins/gravityforms/common.php Filename: wp-content/plugins/gravityforms/ common.php File type: Not a core, theme or plugin file. Issue first detected: 26 mins ago. Severity: Critical Status New This file is a PHP executable file and contains the word ‘eval’ (without quotes) and the word ‘base64_decode(‘ ( without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives. * I can ignore this correct? Is there anything that can be done on Wordfence end to avoid this in future installs? * Thanks Viewing 2 replies - 1 through 2 (of 2 total) * [wfasa](https://wordpress.org/support/users/wfasa/) * (@wfasa) * [9 years, 5 months ago](https://wordpress.org/support/topic/false-positive-gravity-forms/#post-8643984) * Hi! Yes, you can choose to ignore until the file changes. I’m afraid there is nothing we can do about this since you are running scan with “high sensitivity” we have to flag code that looks like that else we would risk missing some malware. If you don’t want to see the warning, don’t enable “high sensitivity” when scanning. It is usually not necessary to have that enabled unless you have some reason to suspect your site is infected. * Hope that helps! * Thread Starter [Garrett Hyder](https://wordpress.org/support/users/garrett-eclipse/) * (@garrett-eclipse) * [9 years, 5 months ago](https://wordpress.org/support/topic/false-positive-gravity-forms/#post-8644035) * Thanks [@wfasa](https://wordpress.org/support/users/wfasa/), * Appreciate the information, I’ll flag to Gravity Forms see if they want to do anything about their implementation to avoid being flagged. * Closing ticket, Cheers Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘False Positive – Gravity Forms’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) ## Tags * [false positive](https://wordpress.org/support/topic-tag/false-positive/) * [scan](https://wordpress.org/support/topic-tag/scan/) * 2 replies * 2 participants * Last reply from: [Garrett Hyder](https://wordpress.org/support/users/garrett-eclipse/) * Last activity: [9 years, 5 months ago](https://wordpress.org/support/topic/false-positive-gravity-forms/#post-8644035) * Status: resolved