Title: Suspicious function found
Last modified: April 22, 2025

---

# Suspicious function found

 *  Resolved [SiteVivid](https://wordpress.org/support/users/sitevivid/)
 * (@sitevivid)
 * [1 year, 1 month ago](https://wordpress.org/support/topic/suspicious-function-found-6/)
 * Hello. I imagine this is nothing but an over-protective security software, but
   I want to be sure. My security software is flagging two files for having suspicious
   code. It is WPGive Version 4.1.0 and the files are:
 * /wp-content/plugins/eventprime-event-calendar-management/includes/lib/tcpdf_min/
   tcpdf_barcodes_1d.php
 * /wp-content/plugins/give/vendor/tecnickcom/tcpdf/tcpdf_barcodes_1d.php
 * The line of code in question in both files is identical. It is line 1070 and 
   reads:
   $keys_a .= chr(0).chr(1).chr(2).chr(3).chr(4).chr(5).chr(6).chr(7).chr(
   8).chr(9);
 * Can you confirm the legitimacy of these files and the line of code in question?
 * Thank you in advance.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Plugin Support [Robin Joshua Del Mundo](https://wordpress.org/support/users/robindelmundo/)
 * (@robindelmundo)
 * [1 year, 1 month ago](https://wordpress.org/support/topic/suspicious-function-found-6/#post-18436712)
 * Hi [@sitevivid](https://wordpress.org/support/users/sitevivid/) ,
 * Glad you reached out. Happy to help!
 * I’ve not heard of a host flagging that file before. I can assure you it’s a file
   that’s included in the plugin. Here’s a screenshot of my file path to it in my
   local site:
 * ![](https://i0.wp.com/d33v4339jhl8k0.cloudfront.net/inline/36546/43b9a044d742fe9be8ef6cfcca6cc0e25d58ae2a/
   3745915229301b04dc3c4646e928fdbf664adab6/Screenshot-2025-04-21-at-7-37-24-am.
   jpg?ssl=1)
 * That file, and the other tcpdf files, have to do with PDF file generation.
 * If your site has been hacked, then I would definitely locate the source for that.
   Then, I’d back your site up and reload the GiveWP plugin.
 * One idea would be to send them the URL to [download the plugin from the WordPress repository ](https://wordpress.org/plugins/give/)
   and see if they can find what they think is the issue.
 * Let me know if you have any further questions. Have a good day!
 *  Thread Starter [SiteVivid](https://wordpress.org/support/users/sitevivid/)
 * (@sitevivid)
 * [1 year, 1 month ago](https://wordpress.org/support/topic/suspicious-function-found-6/#post-18439457)
 * Thank you Robin. As I mentioned, I’m sure it’s just an issue with the software.
   I’ve seen it tag other plugins that have that same line of code, “$keys_a .= 
   chr(0).chr(1).chr(2).chr(3).chr(4).chr(5).chr(6).chr(7).chr(8).chr(9);”.
 * Thanks for your update and I’ll reach out to the security software people and
   ask them.
 * Christopher

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Suspicious function found’ is closed to new replies.

 * ![](https://ps.w.org/give/assets/icon-256x256.jpg?rev=2873287)
 * [GiveWP - Donation Plugin and Fundraising Platform](https://wordpress.org/plugins/give/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/give/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/give/)
 * [Active Topics](https://wordpress.org/support/plugin/give/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/give/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/give/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [SiteVivid](https://wordpress.org/support/users/sitevivid/)
 * Last activity: [1 year, 1 month ago](https://wordpress.org/support/topic/suspicious-function-found-6/#post-18439457)
 * Status: resolved