WPMU Defender – Suspicious function found

Resolved sel
(@glashsix)

7 years, 8 months ago

Hi I have Ad Inserter on my page and the plugin WPMU Defender Pro.

Defender runs a a regular security scan on the files and found a “Suspicous function phpQuery_52.php”, with the following path: wp-content/plugins/ad-inserter/includes/phpQuery_52.php

This is a function included in the plugin in the repository so it is not created on our server.

Could you please provide som more information about this issue and the function?

Thanks

Viewing 7 replies - 1 through 7 (of 7 total)

Plugin Author Spacetime
(@spacetime)

7 years, 8 months ago

Files
wp-content/plugins/ad-inserter/includes/phpQuery_52.php
and
wp-content/plugins/ad-inserter/includes/phpQuery.php

are used for server side insertion using jQuery like CSS selectors:
https://adinserter.pro/documentation/automatic-insertion#before-after-html-element

phpQuery_52.php is loaded for PHP < 5.3, for higher PHP versions phpQuery.php is loaded.
Nothing to worry about.

Why is the file marked as ‘suspicious’?

Thread Starter sel
(@glashsix)

7 years, 8 months ago

Hi Spacetime,

thank you for the very fast reply and explanation. So these are not external libraries this is your code right?

Unfortunately there is no further information in the dashboard of the Defender plugin as far as I know. Maybe the WPMU Defender team could provide more detailed information.

Maybe it would be best if you the developer contacted them since this is a plugin code level / compatibiltiy issue. I can ask for you, but would be an unnecessary ‘3rd wheel’.

Have a great day!
Bests
Plugin Author Spacetime
(@spacetime)

7 years, 8 months ago
This is in the header of the file:
```
/**
 * phpQuery is a server-side, chainable, CSS3 selector driven
 * Document Object Model (DOM) API based on jQuery JavaScript Library.
 *
 * @version 0.9.5
 * @link http://code.google.com/p/phpquery/
 * @link http://phpquery-library.blogspot.com/
 * @link http://jquery.com/
 * @author Tobiasz Cudnik <tobiasz.cudnik/gmail.com>
 * @license http://www.opensource.org/licenses/mit-license.php MIT License
 * @package phpQuery
 */
```
I modified the file to be compatible with PHP 7.1 and above.

Will contact them, thank you for reporting the issue.

BTW If you like the plugin I would appreciate if you could write a short review:
https://ww.wp.xz.cn/support/plugin/ad-inserter/reviews/#new-post

Thank you!
Thread Starter sel
(@glashsix)

7 years, 8 months ago

Thanks,

Could you maybe post the resolution later if you have any info from them for future similar questions, before you mark this resolved? Would be helpful.

I’ll be happy to write a review. Ad Inserted saved me a lot of time and hassle.

Keep up the great work.
Bests

Plugin Author Spacetime
(@spacetime)

7 years, 8 months ago

Sure.

https://ww.wp.xz.cn/support/topic/false-positive-suspicious-function-found/

Plugin Author Spacetime
(@spacetime)

7 years, 8 months ago

I’ve tested the plugin on my end and could not replicate the same issue. The Defender plugin scans the files and compares them with the WordPress repository. If the code doesn’t match it will mark a file as suspicious. I see that the Add Inserter plugin was just updated, so it is possible that the WordPress repository wasn’t updated in time and Defender plugin was still scanning the previous version of the plugin.

Please clear your site’s cache and re-scan your site for suspicious files. Let us know how it went.

https://ww.wp.xz.cn/support/topic/false-positive-suspicious-function-found/

Plugin Author Spacetime
(@spacetime)

7 years, 8 months ago

Since I can’t reproduce the issue and also developers can’t reproduce the issue I’m closing this thread.

I suggest you to reply to the thread of “Defender Security, Monitoring, and Hack Protection” plugin:
https://ww.wp.xz.cn/support/topic/false-positive-suspicious-function-found/

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘WPMU Defender – Suspicious function found’ is closed to new replies.

Tags