Title: Malware issues?
Last modified: August 15, 2023

---

# Malware issues?

 *  Resolved [niblan7](https://wordpress.org/support/users/niblan8/)
 * (@niblan8)
 * [2 years, 9 months ago](https://wordpress.org/support/topic/malware-issues-5/)
 * Hello,
   After last update of the WooCommerce plugin, I receive every day an email
   from my CleanTalk Anti-Spam plugin about malware issues in my website elisaartemide.
   it.
 * This is the content of the email from CleanTalk:
 * Malware Issues Time**Aug 14 2023 20:56:03** Hostname**[http://www.elisaartemide.it](http://www.elisaartemide.it)**
   Plugin**wordpress-security-2.115** Scanned files**12** Result**WARNING**
 * **These files may not contain malicious code but they use very dangerous PHP 
   functions and constructions! PHP developers don’t recommend to use such code.
   Besides, it looks very suspicious.**
   Failed files: 14 PathModify timeMD5 HashPlugin/
   wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/src/Assets/
   SmartButton.phpJul 19 2023 20:36:078db49ce4832351983481dfcabd12304a- /wp-content/
   plugins/woocommerce-paypal-payments/modules/ppcp-button/src/Endpoint/CreateOrderEndpoint.
   phpJul 19 2023 20:36:07fc2258d88e1f7b1dac804b30a1f40955- /wp-content/plugins/
   woocommerce-paypal-payments/modules/ppcp-compat/src/CompatModule.phpJul 19 2023
   20:36:07353c6bcedd232332c6411a096a58f436- /wp-content/plugins/woocommerce-paypal-
   payments/modules/ppcp-session/src/SessionModule.phpJul 19 2023 20:36:07f194eb9a38616f0244ff6345d01c45bf-/
   wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-status-report/src/
   StatusReportModule.phpJul 19 2023 20:36:079c9bde7cff54db62a4b2da7ab2adb1b8- /
   wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-vaulting/src/VaultingModule.
   phpJul 19 2023 20:36:085804bef8c3c88959e4bedf3fa3879a45- /wp-content/plugins/
   woocommerce-paypal-payments/modules/ppcp-wc-gateway/services.phpJul 19 2023 20:
   36:086d33b388a489b228b0c1f63add41c51e- /wp-content/plugins/woocommerce-paypal-
   payments/modules/ppcp-wc-gateway/src/Settings/Fields/pay-later-tab-fields.phpJul
   19 2023 20:36:08c2f3a59cf770cc310a976108836a4c5e- /wp-content/plugins/woocommerce-
   paypal-payments/modules/ppcp-wc-gateway/src/Settings/Fields/paypal-smart-button-
   fields.phpJul 19 2023 20:36:08a0f44e25836282296131d355537386fc- /wp-content/plugins/
   woocommerce-paypal-payments/modules/ppcp-wc-gateway/src/WCGatewayModule.phpJul
   19 2023 20:36:08dcfa515afb8caa6f6247e291b74ae16d- /wp-content/plugins/woocommerce-
   paypal-payments/modules/ppcp-webhooks/services.phpJul 19 2023 20:36:08a558bae04976bf58f4a95e49d01cbc69-/
   wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-webhooks/src/Handler/
   CheckoutOrderApproved.phpJul 19 2023 20:36:08326087c2e3d76d29f3d3dbbb84b507bd-/
   wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-webhooks/src/Handler/
   PaymentCaptureRefunded.phpJul 19 2023 20:36:087393f3e19c94a9f1c5e89ca93088690f-/
   wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-webhooks/src/Handler/
   VaultPaymentTokenCreated.phpJul 19 2023 20:36:082872283323b67f6047542dab321dc34c-
   Unknown files: 1 PathModify timeMD5 Hash /wp-content/uploads/woocommerce_uploads/
   index.htmlOct 16 2022 17:50:01d41d8cd98f00b204e9800998ecf8427e
 * **Please, check scan results in your WP dashboard:**
   [http://www.elisaartemide.it/wp-admin/options-general.php?page=spbc](http://www.elisaartemide.it/wp-admin/options-general.php?page=spbc)
 * **What should I do?**
   Upon finishing the scan you will see the results in 6 different
   categories:
    - Unknown: Unknown executable files spotted in the system. These files don’t
      come with WordPress by default. It could be anything.
    - Modified: Modified executable files of the system.
    - Suspicious: Modified executable files of the system with suspicious function
      names. WordPress does NOT use such functions.
    - Dangerous: Modified executable files of the system with dangerous functions
      that could harm your website.
    - Critical: Modified executable files of the system with very dangerous functions—
      99,5%% that this is malware!
    - Outbound links: Shows you the list of outgoing links on your website pages
      and websites these links lead to.
 * Could you please tell me something about that?
 * Thank you.
 * Best regards,
 * Nicola
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fmalware-issues-5%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [hrn1995 (woo-hc)](https://wordpress.org/support/users/aguinaldodarla/)
 * (@aguinaldodarla)
 * [2 years, 9 months ago](https://wordpress.org/support/topic/malware-issues-5/#post-16988145)
 * Hello,
 * It seems that the files listed in your email are all part of the WooCommerce 
   PayPal Payments plugin, which is a trusted and widely used plugin. It’s likely
   that the CleanTalk plugin flagged these files because they use more advanced 
   PHP functions that could be misused in other contexts.
   It’s common for security
   plugins to trigger false positives. Furthermore, it doesn’t necessarily mean 
   your website has been infected with malware. They are simply cautioning that 
   the files are using some PHP functions that, in certain contexts, could be used
   maliciously.
 * However, to ensure the safety of your site, I would recommend ensuring that all
   your plugins, themes, and WordPress itself are up-to-date, along with WooCommerce
   and WooCommerce PayPal Payments plugins.
 * > Unknown files: 1 PathModify timeMD5 Hash /wp-content/uploads/woocommerce_uploads/
   > index.htmlOct 16 2022 17:50:01d41d8cd98f00b204e9800998ecf8427e
 * The “unknown file” that was flagged is simply an index.html file in your uploads’
   directory. This is a common file used to prevent directory browsing on your website,
   and it’s completely harmless.
 * In conclusion, it appears to be more of a caution than an indication of a real
   issue.
 * I hope this clarifies your concern.
 *  Thread Starter [niblan7](https://wordpress.org/support/users/niblan8/)
 * (@niblan8)
 * [2 years, 9 months ago](https://wordpress.org/support/topic/malware-issues-5/#post-16989779)
 * Hi Darla,
 * Thank you for your reassuring response. I feel much safer now.
 * Best regards,
 * Nicola
 *  [hrn1995 (woo-hc)](https://wordpress.org/support/users/aguinaldodarla/)
 * (@aguinaldodarla)
 * [2 years, 9 months ago](https://wordpress.org/support/topic/malware-issues-5/#post-16990903)
 * It’s my pleasure to help, Nicola!
 * I’m going to mark this thread as resolved, but please don’t hesitate to [start a new topic](https://wordpress.org/support/theme/storefront/#new-topic-0)
   if you have any more questions down the line.
 * Have a wonderful day!

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Malware issues?’ is closed to new replies.

 * ![](https://ps.w.org/woocommerce/assets/icon.svg?rev=3234504)
 * [WooCommerce](https://wordpress.org/plugins/woocommerce/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/woocommerce/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/woocommerce/)
 * [Active Topics](https://wordpress.org/support/plugin/woocommerce/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/woocommerce/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/woocommerce/reviews/)

 * 3 replies
 * 2 participants
 * Last reply from: [hrn1995 (woo-hc)](https://wordpress.org/support/users/aguinaldodarla/)
 * Last activity: [2 years, 9 months ago](https://wordpress.org/support/topic/malware-issues-5/#post-16990903)
 * Status: resolved