Suspicious function found

  • Resolved vraisa

    (@vraisa)


    7 months, 2 weeks ago

    We’ve detected some suspicious code in this plugin file from the Official WP repository at https://wp.org/plugins/simply-static-pro and the flagged code is highlighted in red. We recommend contacting the plugin developer for clarification, as warnings can sometimes be false positives. If found as a false positive, please reach out to our support.

    version: 14.15.5 
    file: class-ssp-shortpixel.php
    line: 784
    if ( @copy( $file, $file_path ) ) {

    • The @ symbol suppresses PHP errors, which is often considered bad practice because it can hide potential issues.
    • Security scanners often flag @copy() (and similar functions like eval(), base64_decode(), exec(), etc.) since they are sometimes abused in malware to copy or move malicious files.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Mehmet

    (@gandomi)

    7 months, 2 weeks ago

    Hello there,
    Thanks a lot for reaching out.

    It looks like the file you mentioned belongs to the Simply Static plugin, not WP Statistics.
    We’re the developers behind the WP Statistics plugin.

    You can contact their support team directly from the official WordPress forum here:
    https://ww.wp.xz.cn/support/plugin/simply-static/

    They’ll be the best people to review the flagged code and clarify if it’s a false positive.

    Thanks again for checking things carefully.
    We really appreciate users who help keep the WordPress ecosystem secure!

    Kind regards,
    Mehmet

    Thread Starter vraisa

    (@vraisa)

    7 months, 2 weeks ago

    thanks and sorry.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Suspicious function found’ is closed to new replies.