Eli

I have not seen any emails from you yet and I look forward to helping you find the solution to this issue. Please let me know if you figure it out or if you need more help.

This is the Directory Transversal protection in the Firewall Options. This feature prevents the submission of any variable that contains ../ in the value, which protects you against the potential exploitation of some themes and plugins that might otherwise allow a hacker to read or write to an arbitrary file on your server.

You can look into the contents of the form that you posted on your site that got redirected and see if you can spot the usage of ../ in one of that field values, or you can just turn this feature off on the Firewall Options page in your wp-admin (but understand that you may be leaving your site open to a directory transversal attack if you have any vulnerable plugins or theme feature that could be exploitable if you turn off this option).

Feel free to write back with more detail if figure out why this form was getting blocked or if you need more help to figure it out.

My plugin does not store any cookie data for any visitors who come into contact with your site.

Please let me know if that does not cover it and you need any more info.

I would like to help you fix this issue but I will need to see the whole of the malicious code that was injected in that file.php …
Can you please email that infected file so that I can see what is going wrong with it?

You can email me the whole file with the infection in it directly to me:
eli AT gotmls DOT net

Thanks,
There is not as much of a need for plugin updates as you might think. My plugin works well and you can download definition update of new threats without updating the core plugin code. Therefore, there are only plugin updates when I an releasing a completely new feature or fixing a bug in the program. I am working on a few new feature that I hope to release soon, so there will actually be a new plugin update as soon as I have finished and tested these updates.

Rest assured, the current version of my plugin if fully compatible with the latest release of WordPress, and I am constantly releasing new definition updates as new threats emerge.

Thanks so much for reporting this. Yes, this is a false positive in the definition updates that I released last night. I have just released a new definition update to correct this issue. Please download the latest definition updates ( L3I4w ) before running the scan again.

Sorry for any trouble this might have caused and thanks again for spotting my mistake and bringing it to my attention.

Aloha, Eli

I have been steadily working towards a scheduled scan feature but this has proved more difficult to implement than I had thought and I will need more time to work transform the scan engine so that it can run without a browser console. Also, a lot of thing in my life have changed so I have not had as much free time lately to work on new features. Life happens ;-/

Yes, you can delete the records in your Anti-Malware Quarantine, but these are just records of the infections and they are not dangerous to keep. It can also sometime prove to be very helpful to have these records to refer to if you need to track down the source of any recurring infections.

To delete all quarantine records just check the box next to “Check all Items in Quarantine”, then click the red Delete button, then you can click the link to Purge the deleted records if you are sure that you want to completely erase all the records of these infected files.