Scripts inside image

  • Resolved risorsainformatica

    (@risorsainformatica)


    11 months ago

    wc-vendors-logo-black-text.png contains javascript code — flagged by antivirus


    Hello,

    I’d like to report a potential security issue related to the file wc-vendors-logo-black-text.png. Although it appears to be an image file, it actually contains embedded script code and is being flagged as malicious by multiple antivirus tools . This could indicate that the file has been compromised.

    The file path in question:
    /wc-vendors/assets/images/wc-vendors-logo-black-text.png

    I strongly suggest checking the integrity of this file and reviewing the plugin’s latest release to ensure it hasn’t been tampered with.

    Please investigate as soon as possible.

    Thank you,

    Risorsainformatica

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Fitri Sinta

    (@supportfitri)

    11 months ago

    Hi @risorsainformatica,

    Thank you for bringing this to our attention.

    We’ve investigated the wc-vendors-logo-black-text.png file and can confirm that this is a false positive.

    We understand your concern and will be releasing a patch shortly to prevent further false flags by antivirus tools.

    Let us know if you have any further questions or concerns.

    Best regards,

    Plugin Support Fitri Sinta

    (@supportfitri)

    11 months ago

    Hi @risorsainformatica,

    I hope everything is going well.

    I’m glad to inform you that we’ve recently released the WC Vendors Marketplace version 2.5.9. In this update, we’ve included the Bug Fix: Remove the incorrect PNG image file.

    Please update to the latest version to get the latest bug fixes and feature improvements.

    To know more about the latest changes, please visit our changelog here:

    https://ww.wp.xz.cn/plugins/wc-vendors/#developers

    Best regards,

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Scripts inside image’ is closed to new replies.