Title: Malware Found on Custom-admin-interface.php Last modified: January 22, 2020 --- # Malware Found on Custom-admin-interface.php * Resolved [989](https://wordpress.org/support/users/989-1/) * (@989-1) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/) * Dear all my provider has notified me that in the code below there’s a malware. * /plugins/wp-custom-admin-interface/wp-custom-admin-interface.php * {HEX}Malware.Expert.generic.eval.base64.decode.41.UNOFFICIAL FOUND Viewing 11 replies - 1 through 11 (of 11 total) * Plugin Author [Northern Beaches Websites](https://wordpress.org/support/users/northernbeacheswebsites/) * (@northernbeacheswebsites) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12355126) * Hi [@989-1](https://wordpress.org/support/users/989-1/), * Your provider, whoever they are, are not providing accurate information. I suggest you speak to them and get them to actually get an expert to look over things. Then if you have an issue please report it to me. There’s no desire or benefit for me to be putting malware on peoples sites, and the plugin has been well reviewed by WordPress. Thanks, * Thread Starter [989](https://wordpress.org/support/users/989-1/) * (@989-1) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12357737) * sending your answer to my provider assistance right now * thanks will keep you up to date - This reply was modified 6 years, 4 months ago by [989](https://wordpress.org/support/users/989-1/). * Thread Starter [989](https://wordpress.org/support/users/989-1/) * (@989-1) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12357829) * this is the answer * Salve Massimiliano, * I confirm that it is a false positive as the following functions are often used in malicious scripts. * $menu_icon_svg = ‘data:image/svg+xml;base64, e [@eval](https://wordpress.org/support/users/eval/)( $stripPhpTags); * Plugin Author [Northern Beaches Websites](https://wordpress.org/support/users/northernbeacheswebsites/) * (@northernbeacheswebsites) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12359497) * Hi [@989-1](https://wordpress.org/support/users/989-1/), * Glad to hear this is all resolved. Thanks and enjoy the plugin 🙂 * Thread Starter [989](https://wordpress.org/support/users/989-1/) * (@989-1) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12360689) * thanks to you! * [woodypad](https://wordpress.org/support/users/woodypad/) * (@woodypad) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12373980) * Hello, the same thing happens to me too … * The file was removed, I tried to redo the upload and it is blocked as a malicious file. * Thread Starter [989](https://wordpress.org/support/users/989-1/) * (@989-1) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12374921) * This seems to be a false positive, I strongly suggest your provider have a deeper look at the code contained within the file. * Plugin Author [Northern Beaches Websites](https://wordpress.org/support/users/northernbeacheswebsites/) * (@northernbeacheswebsites) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12379467) * It certainly is a false positive. Speak to your hosting company and if they are uncooperative get a new hosting company. Or buy the pro version and I will provide a customised version which removes this code. * Thanks, * [woodypad](https://wordpress.org/support/users/woodypad/) * (@woodypad) * [6 years, 4 months ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12380374) * Hello The file is also reported by plugins that do malware checking. If you confirm that there is no danger, OK. * For the PRO version, always try 😀 We would have taken it immediately, but for some time we have been looking for lifetime solutions, we have too many subscriptions, which customers in turn do not want to pay. Luckily there are many who are going in this direction. If you make a lifetime version I will be the first to buy it. * Thank you - This reply was modified 6 years, 4 months ago by [woodypad](https://wordpress.org/support/users/woodypad/). * [rcwdm](https://wordpress.org/support/users/rcwgsy/) * (@rcwgsy) * [6 years ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12880146) * We are getting malware issues that have now blocked Woocommerce from sending all emails. * Infected files noted as: generic.eval.base64.decode.41 * While I am more than happy to upgrade, I think it would be a bit silly to do so when the free version is causing issues. * Could you please help resolve? * Plugin Author [Northern Beaches Websites](https://wordpress.org/support/users/northernbeacheswebsites/) * (@northernbeacheswebsites) * [6 years ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12884877) * Hi [@rcwgsy](https://wordpress.org/support/users/rcwgsy/), * I repeat, there is no malware in our plugin. The free version of the plugin has a feature which enables you to add custom PHP code to your site which uses the eval method. Unless you are injecting your own malware into your site via our plugin, then our plugin is not doing anything bad. This is an issue with your host, not an issue with our plugin. * The pro version removes this feature altogether (not because of this reason but actually because the feature has the potential to cause issues where people write incorrect code), so one way you can get around this would be upgrading, but otherwise speak to your host or find a new host. * Thanks, Viewing 11 replies - 1 through 11 (of 11 total) The topic ‘Malware Found on Custom-admin-interface.php’ is closed to new replies. * ![](https://ps.w.org/wp-custom-admin-interface/assets/icon.svg?rev=1656274) * [WP Custom Admin Interface](https://wordpress.org/plugins/wp-custom-admin-interface/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-custom-admin-interface/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-custom-admin-interface/) * [Active Topics](https://wordpress.org/support/plugin/wp-custom-admin-interface/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-custom-admin-interface/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-custom-admin-interface/reviews/) * 11 replies * 4 participants * Last reply from: [Northern Beaches Websites](https://wordpress.org/support/users/northernbeacheswebsites/) * Last activity: [6 years ago](https://wordpress.org/support/topic/malware-found-on-custom-admin-interface-php/#post-12884877) * Status: resolved