Plugin Injecting Code into Functions.php

  • Victor Font

    (@vfontj)


    11 years, 5 months ago

    I downloaded WP Maintenance Mode yesterday to use while I updated a client’s site with a new Genesis Framework based child theme. After activating the plugin, I activated the new child theme. Immediately foreign code was injected into the functions.php file for both the child theme and the Genesis Framework causing the site to crash by having the same functions declared in both functions files.

    The only type of code I have ever encountered that writes to functions.php is a malware worm. I ran a site check through sucuri.net, which reported that WP Maintenance Mode is infected. As soon as I disabled and deleted the plugin, the writing to functions.php stopped.

    I don’t know if writing to unctions.php is on purpose or if the plugin is infected with a worm, but whatever the case, writing anything to functions.php is a bad practice.

    https://ww.wp.xz.cn/plugins/wp-maintenance-mode/

Viewing 1 replies (of 1 total)
  • George J

    (@georgejipa)

    11 years, 5 months ago

    Hello @victor Font,

    There is no code in our plugin that edits theme’s functions.php because is not needed. Please give us the sucuri.net report… so we can figure it out.

    Thanks.

Viewing 1 replies (of 1 total)

The topic ‘Plugin Injecting Code into Functions.php’ is closed to new replies.