• Resolved boardboss

    (@boardboss)


    Hi – A recent malware scan by a security plugin resulted in a report of a suspicious function in the file bootstrap.php. The line of code flagged is: extract($_POST);

    I briefly researched this function and it appears that it is generally considered unsafe to use it with regard to unknown data. Since your implementation of this function might not fall into this category I wanted to inquire about why it was used, and more importantly, is it safe in its current implementation?
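The concern raised in the post above, shown as an added example that is not part of the original thread and is not the plugin's code: `extract()` on request data lets request keys replace local variables, while reading only expected keys does not. The handler names, variable names and the `$post` array are hypothetical and constructed for illustration.

```php
<?php
// Constructed request body standing in for $_POST; the sender chooses the keys.
$post = ['theme' => 'dark', 'is_admin' => '1', 'template_dir' => '/tmp'];

// Pattern flagged by the scanner: every request key becomes a local variable.
function unsafe_handler(array $post): array {
    $is_admin = false;                 // decided by earlier authorization logic
    $template_dir = __DIR__ . '/tpl';  // trusted path
    extract($post);                    // default EXTR_OVERWRITE replaces both
    return compact('is_admin', 'template_dir', 'theme');
}

// Partial mitigation: prefixed names cannot collide with existing locals,
// but the values themselves are still unvalidated input.
function prefixed_handler(array $post): array {
    $is_admin = false;
    $template_dir = __DIR__ . '/tpl';
    extract($post, EXTR_PREFIX_ALL, 'in');  // creates $in_theme, $in_is_admin, ...
    $theme = $in_theme ?? 'light';
    return compact('is_admin', 'template_dir', 'theme');
}

// Hardened form: read only the expected key and validate it against an allowlist.
function safe_handler(array $post): array {
    $is_admin = false;
    $template_dir = __DIR__ . '/tpl';
    $allowed_themes = ['light', 'dark'];    // hypothetical allowlist
    $theme = 'light';
    if (isset($post['theme']) && is_string($post['theme'])
        && in_array($post['theme'], $allowed_themes, true)) {
        $theme = $post['theme'];
    }
    return compact('is_admin', 'template_dir', 'theme');
}

// unsafe_handler: is_admin and template_dir now hold the request's values.
var_dump(unsafe_handler($post));
// prefixed_handler and safe_handler: is_admin stays false, template_dir is unchanged.
var_dump(prefixed_handler($post));
var_dump(safe_handler($post));
```

When reviewing a flagged `extract($_POST)` call, the question to answer is which variables are already in scope at that line and are used afterwards, since those are the ones request data can replace.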

Viewing 9 replies - 1 through 9 (of 9 total)
  • Anonymous User 17160716

    (@anonymized-17160716)

    boardboss, hi there.

    Probably your website was hacked, because there is no “bootstrap.php” file in the plugin directory / archive.

    Thread Starter boardboss

    (@boardboss)

    My sincere apologies. I apparently missed actually copying the file location when I pasted it into the ticket. The file in question is /wp-content/plugins/webtoffee-gdpr-cookie-consent/admin/modules/cli-themes/cli-themes.php and not bootstrap.php. That file was from a different plugin that I also reported for a different reason.

    Anonymous User 17160716

    (@anonymized-17160716)

    boardboss, same thing, there is no directory cli-themes/ and file cli-themes.php in the original archive, you can check it here.

    Thread Starter boardboss

    (@boardboss)

    Hi again – I opened the file webtoffee-gdpr-cookie-consent.zip, which was downloaded from https://www.webtoffee.com/my-account/my-api-downloads/. That file clearly has a folder named cli-themes and a file named cli-themes.php as can be seen here: https://prnt.sc/15i0qj2

    Thread Starter boardboss

    (@boardboss)

    I have already raised a ticket with WebToffee, since this appears to be an issue in the commercial and not the free version.

    Anonymous User 17160716

    (@anonymized-17160716)

    boardboss, I guess you’re talking about some kind of PRO version of the plugin, not the free one from here: https://downloads.www.ads-software.com/plugin/cookie-law-info.2.0.3.zip. Am I right?

    Plugin Author WebToffee

    (@webtoffee)

    Hi @boardboss, @m0ze,

    Thanks for notifying us of the concerns.

    The issue reported by @boardboss is in the premium version of the plugin and we are taking a look at it.

    @m0ze, We appreciate sharing further information via support ticket directly.

    We will do the needful for both cases and update ASAP.

    Anonymous User 17160716

    (@anonymized-17160716)

    webtoffee, awesome, thanks <3

    Plugin Author WebToffee

    (@webtoffee)

    Hi @boardboss.

    As per the communications we had via the ticket submitted at the site, the reported concerns have been addressed in the premium version of the plugin. If you have any more concerns, feel free to reach out via the support ticket itself.

  • The topic ‘Suspicious code reported by malware scanner’ is closed to new replies.