Title: Known Threat error for Javascript code
Last modified: January 24, 2018

---

# Known Threat error for Javascript code

 *  Resolved [gayathri7066](https://wordpress.org/support/users/gayathri7066/)
 * (@gayathri7066)
 * [8 years, 4 months ago](https://wordpress.org/support/topic/known-threat-error-for-javascript-code/)
 * Hi,
 * I installed the plugin on one of my sites, and it reports a Known Threat for 
   one of the php files of my plugin. I had a closer look at it and it shows the
   threat in the lines of code where I have included Javascript. For example, the
   below lines are reported as a threat:
 * <script>
    function backtologin(){ jQuery(‘#back_to_login_form’).submit(); } </
   script>
 * How is having a script on the php file identified as a threat?
 * Please give some insights on this.
 * Thanks,
    Gayathri S.

Viewing 1 replies (of 1 total)

 *  Plugin Author [Eli](https://wordpress.org/support/users/scheeeli/)
 * (@scheeeli)
 * [8 years, 4 months ago](https://wordpress.org/support/topic/known-threat-error-for-javascript-code/#post-9898696)
 * Hi Gayathri,
    I see that you posted this same question on my website also, but
   with a different code snippet. Neither the code you posted here nor the code 
   you posted on my website have anything malicious in them. To answer your question
   directly: having a script in a php file is not a threat.
 * It might have helped to have a little bit more information about the surrounding
   code or where these snippets of benign code were found but I think I can make
   a guess that could be a little more helpful. Is it possible that this JavaScript
   was not placed inside of the BODY or HEAD tags?
 * Because it is common for hackers to inject JavaScript into the wrong places in
   your HTML, and it is improper to place a SCRIPT tag outside or even between the
   HEAD and BODY tags.
 * Please feel free to post a reply with more details or you can contact me directly
   if you have any sensitive information that you don’t want posted publicly:
    eli
   AT gotmls DOT net

Viewing 1 replies (of 1 total)

The topic ‘Known Threat error for Javascript code’ is closed to new replies.

 * ![](https://ps.w.org/gotmls/assets/icon-256x256.png?rev=1001824)
 * [Anti-Malware Security and Brute-Force Firewall](https://wordpress.org/plugins/gotmls/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/gotmls/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/gotmls/)
 * [Active Topics](https://wordpress.org/support/plugin/gotmls/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/gotmls/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/gotmls/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Eli](https://wordpress.org/support/users/scheeeli/)
 * Last activity: [8 years, 4 months ago](https://wordpress.org/support/topic/known-threat-error-for-javascript-code/#post-9898696)
 * Status: resolved