Malicious file alert for razorpay woocommerce plugin

  • Resolved karthic24

    (@karthic24)


    6 months, 1 week ago

    Looks like a flase positive. I have checked with VirusTotal and other tools and got safe message. Please look into this

    File appears to be malicious or unsafe: –tutor/wp-content/plugins/woo-razorpay/tests/phpunit/bootstrap.php

    <?php

// path to test lib bootstrap.php
$test_lib_bootstrap_file = dirname( __FILE__ ) . '/includes/bootstrap.php';

if ( ! file_exists( $test_lib_bootstrap_file ) ) {
    echo PHP_EOL . "Error : unable to find " . $test_lib_bootstrap_file . PHP_EOL;
    exit( '' . PHP_EOL );
}

// set plugin and options for activation
$GLOBALS[ 'wp_tests_options' ] = array(
    'active_plugins' => array(
        'woocommerce/woocommerce.php',
        basename(realpath(dirname(__FILE__) . '/../../')) . '/woo-razorpay.php'
    ),
    'wpsp_test' => true
);

// call test-lib's bootstrap.php
require_once $test_lib_bootstrap_file;

require_once 'tests/phpunit/util/class-util.php';
require_once PLUGIN_DIR . '/vendor/autoload.php';
$current_user = new WP_User( 1 );
$current_user->set_role( 'administrator' );

echo PHP_EOL;
echo 'Using WordPress core : ' . ABSPATH . PHP_EOL;
echo PHP_EOL;
Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Thank-you @karthic24 for getting in touch!

    The woo-razorpay plugin itself seems to not be flagged without the phpunit test files. In many cases where files and folders that aren’t part of the repository version of WordPress or its plugins are found, they may need to be manually ignored from the scan results page if you’re satisfied they’ve come from a trusted source and/or were created with your knowledge.

    We do have a samples @ wordfence . com address, where our team could take a look to see if there’s anything the plugin can do to not identify the contents as malicious. Please ensure to always remove any database credentials, passwords, keys, or salts from any files you do send to us.

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Malicious file alert for razorpay woocommerce plugin’ is closed to new replies.