file may contain malicious executable code

  • Resolved edis555

    (@edis555)


    9 years, 5 months ago

    After scanning my site with Wordfence I get following notification. Is this seriuos? Should I do anything about it?

    This file may contain malicious executable code: /var/www/vhosts/inhottub.be/httpdocs/wp-content/plugins/smart-slider-3/nextend/library/libraries/zip/pclzip.php
    Filename: wp-content/plugins/smart-slider-3/nextend/library/libraries/zip/pclzip.php
    File type: Not a core, theme or plugin file.
    Issue first detected: 5 mins ago.
    Severity: Critical
    Status New

    This file is a PHP executable file and contains the word ‘eval’ (without quotes) and the word ‘unpack(‘ (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support Gabor

    (@nextendweb_gabor)

    9 years, 5 months ago

    Hi @edis555!

    That is our file what we use for zipping for the exporting/importing of our sliders. The ‘eval’ functions are commented out in it, just it looks like WordFence doesn’t check that and the ‘unpack’ function is necessary for the unzipping, so you can ignore this, as their message says too, that “If you know about this file you can choose to ignore it to exclude it from future scans.” and the file is perfectly safe.

    Thread Starter edis555

    (@edis555)

    9 years, 5 months ago

    Thank you!

    Plugin Author Nextendweb

    (@nextendweb)

    9 years, 5 months ago

    Also we will remove that zip library in the next version as we won’t use it any more to compress archives. 🙂

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘file may contain malicious executable code’ is closed to new replies.