Wordfence Security Critical alert: Malicious code

  • Resolved BeaGent

    (@beagent)


    7 years, 4 months ago

    Having SEOpress Pro plugin installed I assume this Wordfence warning related to the Pro plugin a false positive:

    This file may contain malicious executable code: wp-content/plugins/wp-seopress-pro/inc/functions/google-analytics/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
    Type: File

    Please confirm file + code included is okay – thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter BeaGent

    (@beagent)

    7 years, 4 months ago

    Additional info from Wordfence:

    File Type: Not a core, theme, or plugin file from ww.wp.xz.cn.

    Details: This file is a PHP executable file and contains the word “eval” (without quotes) and the word “unpack(” (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.

    Plugin Author Benjamin Denis

    (@rainbowgeek)

    7 years, 4 months ago

    Yes false positive.
    This code is given by Google on their Github account.
    Nothing to worry about that.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Wordfence Security Critical alert: Malicious code’ is closed to new replies.