• Resolved bravobrown

    (@bravobrown)


    I’m assuming there is a new malicious code definition that is triggering this in the Jetpack scan, but these two items in Freemius are popping the threat warning:

    1. The file FreemiusBase.php contains a malicious code pattern
    Threat found (PHP_Generic_BadPattern_7)

    /wp-content/plugins/wp-security-audit-log-premium/vendor/freemius/wordpress-sdk/includes/sdk/FreemiusBase.php

    180 */
    181 $fn = 'base64' . '_decode';
    182 return $fn( strtr( $input, '-_', '+/' ) );

    2. The file class-freemius.php contains a malicious code pattern
    Threat found (PHP_Generic_BadPattern_7)

    /wp-content/plugins/wp-security-audit-log-premium/vendor/freemius/wordpress-sdk/includes/class-freemius.php

    16115 */
    16116 $fn = 'base64' . '_decode';
    16117

    Please advise. Thanks very much!

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support robertabela

    (@robert681)

    Hello @bravobrown

    Thank you for using our plugin and sorry for the late response.

    This is a false positive. The Freemius SDK is used by a good number of plugins and themes hosted on the ww.wp.xz.cn repo, which are automatically scanned by a plugin called Theme Check, which flags base64 functions since, generally, there’s no reason for themes to use those functions.

    In the case of Freemius, they use base64 encoding for API signature signing and hiding sensitive information, a use case that was approved by the ww.wp.xz.cn themes review team.

    I got in touch with Freemius and they have confirmed that they are planning to contact Automattic’s team to get this whitelisted.

    I hope the above answers your question. Should you have any other questions, do not hesitate to ask.

    Have a good day.
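Added example, not part of the thread and not Jetpack's or Freemius's code: a small Python triage pass a reviewer could run over a flagged PHP file to see why lines like the two quoted above trip a generic pattern rule. It resolves function names assembled from string literals and reports where the resulting variable is called. The rule behind PHP_Generic_BadPattern_7 is not shown on this page, so the name list, the sample source and the function name `decode_segment` are assumptions made for illustration.

```python
import re

# Illustrative list (an assumption, not Jetpack's rule set): callables a reviewer
# wants surfaced when their name is assembled at runtime instead of written out.
SENSITIVE = {"base64_decode", "gzinflate", "str_rot13", "assert",
             "system", "exec", "shell_exec", "passthru"}

LITERAL = r"""(?:'[^']*'|"[^"]*")"""
# $var = 'lit' . 'lit' ... ;  (one or more quoted literals joined by the dot operator)
ASSIGN = re.compile(r"\$(\w+)\s*=\s*(" + LITERAL + r"(?:\s*\.\s*" + LITERAL + r")*)\s*;")


def find_built_calls(php_source):
    """Return one finding per variable whose literal value resolves to a sensitive name."""
    lines = php_source.splitlines()
    findings = []
    for lineno, line in enumerate(lines, 1):
        for match in ASSIGN.finditer(line):
            var, expr = match.group(1), match.group(2)
            parts = re.findall(LITERAL, expr)
            name = "".join(p[1:-1] for p in parts)  # drop the quotes, join the pieces
            if name.lower() not in SENSITIVE:
                continue
            call = re.compile(r"\$" + re.escape(var) + r"\s*\(")
            called_on = [n for n, text in enumerate(lines, 1)
                         if n >= lineno and call.search(text)]
            findings.append({"line": lineno, "variable": var, "resolves_to": name,
                             "split": len(parts) > 1, "called_on": called_on})
    return findings


# Constructed sample built around the two lines quoted in the report above.
SAMPLE = """<?php
function decode_segment( $input ) {
    $fn = 'base64' . '_decode';
    return $fn( strtr( $input, '-_', '+/' ) );
}
$label = 'base64' . ' encoded';
echo base64_encode( $label );
"""

if __name__ == "__main__":
    for finding in find_built_calls(SAMPLE):
        print(finding)
```

A hit from this pass says only that a function name is built from string pieces and then called; whether that is benign, as the support reply states for the Freemius SDK, still depends on what is passed to the call and where the file came from.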

    Thread Starter bravobrown

    (@bravobrown)

    Hi @robert681 Thanks so much for checking into that for me. I was hoping something like that was the case. I’ll have Jetpack ignore the warning.

    Best regards!

    Plugin Support robertabela

    (@robert681)

    You’re welcome @bravobrown

    Should there be anything else we can help you with, please do not hesitate to ask.

    Have a great weekend.


The topic ‘Jetpack reports malicious code pattern in Freemius’ is closed to new replies.