Title: Jetpack reports malicious code pattern in Freemius Last modified: May 29, 2021 --- # Jetpack reports malicious code pattern in Freemius * Resolved [bravobrown](https://wordpress.org/support/users/bravobrown/) * (@bravobrown) * [5 years ago](https://wordpress.org/support/topic/jetpack-reports-malicious-code-pattern-in-freemius/) * I’m assuming there is a new malicious code definition that is triggering this in the Jetpack scan, but these two items in Freemius are popping the threat warning: * 1. The file FreemiusBase.php contains a malicious code pattern Threat found ( PHP_Generic_BadPattern_7) * /wp-content/plugins/wp-security-audit-log-premium/vendor/freemius/wordpress-sdk/ includes/sdk/FreemiusBase.php * 180 */ 181 $fn = ‘base64’ . ‘_decode’; 182 return $fn( strtr( $input, ‘-_’, ‘ +/’ ) );` * 2. The file class-freemius.php contains a malicious code pattern Threat found( PHP_Generic_BadPattern_7) * /wp-content/plugins/wp-security-audit-log-premium/vendor/freemius/wordpress-sdk/ includes/class-freemius.php * 16115 */ 16116 $fn = ‘base64’ . ‘_decode’;` 16117 * Please advise. Thanks very much! Viewing 3 replies - 1 through 3 (of 3 total) * Plugin Support [robertabela](https://wordpress.org/support/users/robert681/) * (@robert681) * [5 years ago](https://wordpress.org/support/topic/jetpack-reports-malicious-code-pattern-in-freemius/#post-14514394) * Hello [@bravobrown](https://wordpress.org/support/users/bravobrown/) * Thank you for using our plugin and sorry for the late response. * This is a false positive. The Freemius SDK is used by a good number of plugins and themes hosted on the WordPress.org repo, which are automatically scanned by a plugin called Theme Check which flags base64 functions, since generally, there’s no reason for themes to use those functions. * In the case of Freemius, they use base64 encoding for API signature signing and hiding sensitive information, a use case that was approved by the WordPress.org themes review team. * I got in touch with Freemius and they have confirmed that they are planning to contact Automattic’s team to get this whitelisted. * I hope the above answers your question. Should you have any other questions, do not hesitate to ask. * Have a good day. * Thread Starter [bravobrown](https://wordpress.org/support/users/bravobrown/) * (@bravobrown) * [5 years ago](https://wordpress.org/support/topic/jetpack-reports-malicious-code-pattern-in-freemius/#post-14517573) * Hi [@robert681](https://wordpress.org/support/users/robert681/) Thanks so much for checking into that for me. I was hoping something like that was the case. I’ll have Jetpack ignore the warning. * Best regards! * Plugin Support [robertabela](https://wordpress.org/support/users/robert681/) * (@robert681) * [5 years ago](https://wordpress.org/support/topic/jetpack-reports-malicious-code-pattern-in-freemius/#post-14519355) * You’re welcome [@bravobrown](https://wordpress.org/support/users/bravobrown/) * Should there be anything else we can help you with, please do not hesitate to ask. * Have a great weekend. Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Jetpack reports malicious code pattern in Freemius’ is closed to new replies. * ![](https://ps.w.org/wp-security-audit-log/assets/icon-256x256.png?rev=2961534) * [WP Activity Log](https://wordpress.org/plugins/wp-security-audit-log/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-security-audit-log/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-security-audit-log/) * [Active Topics](https://wordpress.org/support/plugin/wp-security-audit-log/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-security-audit-log/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-security-audit-log/reviews/) * 3 replies * 2 participants * Last reply from: [robertabela](https://wordpress.org/support/users/robert681/) * Last activity: [5 years ago](https://wordpress.org/support/topic/jetpack-reports-malicious-code-pattern-in-freemius/#post-14519355) * Status: resolved