Malware Found on Custom-admin-interface.php

  • Resolved 989

    (@989-1)


    5 years, 1 month ago

    Dear all
    my provider has notified me that in the code below there’s a malware.

    /plugins/wp-custom-admin-interface/wp-custom-admin-interface.php

    {HEX}Malware.Expert.generic.eval.base64.decode.41.UNOFFICIAL FOUND

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Author Northern Beaches Websites

    (@northernbeacheswebsites)

    Hi @989-1,

    Your provider, whoever they are, are not providing accurate information. I suggest you speak to them and get them to actually get an expert to look over things. Then if you have an issue please report it to me. There’s no desire or benefit for me to be putting malware on peoples sites, and the plugin has been well reviewed by WordPress. Thanks,

    Thread Starter 989

    (@989-1)

    sending your answer to my provider assistance right now

    thanks
    will keep you up to date

    • This reply was modified 5 years, 1 month ago by 989.
    Thread Starter 989

    (@989-1)

    this is the answer

    Salve Massimiliano,

    I confirm that it is a false positive as the following functions are often used in malicious scripts.

    $menu_icon_svg = ‘data:image/svg+xml;base64,
    e
    @eval($stripPhpTags);

    Plugin Author Northern Beaches Websites

    (@northernbeacheswebsites)

    Hi @989-1,

    Glad to hear this is all resolved. Thanks and enjoy the plugin ??

    Thread Starter 989

    (@989-1)

    thanks to you!

    Hello,
    the same thing happens to me too …

    The file was removed, I tried to redo the upload and it is blocked as a malicious file.

    Thread Starter 989

    (@989-1)

    This seems to be a false positive, I strongly suggest your provider have a deeper look at the code contained within the file.

    Plugin Author Northern Beaches Websites

    (@northernbeacheswebsites)

    It certainly is a false positive. Speak to your hosting company and if they are uncooperative get a new hosting company. Or buy the pro version and I will provide a customised version which removes this code.

    Thanks,

    Hello
    The file is also reported by plugins that do malware checking. If you confirm that there is no danger, OK.

    For the PRO version, always try ??
    We would have taken it immediately, but for some time we have been looking for lifetime solutions, we have too many subscriptions, which customers in turn do not want to pay.
    Luckily there are many who are going in this direction.
    If you make a lifetime version I will be the first to buy it.

    Thank you

    • This reply was modified 5 years, 1 month ago by woodypad.

    We are getting malware issues that have now blocked Woocommerce from sending all emails.

    Infected files noted as: generic.eval.base64.decode.41

    While I am more than happy to upgrade, I think it would be a bit silly to do so when the free version is causing issues.

    Could you please help resolve?

    Plugin Author Northern Beaches Websites

    (@northernbeacheswebsites)

    Hi @rcwgsy,

    I repeat, there is no malware in our plugin. The free version of the plugin has a feature which enables you to add custom PHP code to your site which uses the eval method. Unless you are injecting your own malware into your site via our plugin, then our plugin is not doing anything bad. This is an issue with your host, not an issue with our plugin.

    The pro version removes this feature altogether (not because of this reason but actually because the feature has the potential to cause issues where people write incorrect code), so one way you can get around this would be upgrading, but otherwise speak to your host or find a new host.

    Thanks,

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Malware Found on Custom-admin-interface.php’ is closed to new replies.

Tags