Critical file found, but it’s a CleanTalk file

Hello.

We have fixed this already, thank you.

A new scan should solve it.

I scanned again and got the same file with the same warning. Should I reinstall my cleantalk plugins?

Here’s the code that it says is malicious:

527  return eval( "return \"$elem\";" );
528 }, $matches );
529 $this->file_lexems[ $key ][1] = str_replace( $matches, $replacements, $current[1] );
1338  switch( $current[1] ){
1339  case 'base64_decode':
1340  $data = base64_decode( $next[1][1] );
1341  break;
1342  case 'urldecode':
1350  break;
1351  case 'str_rot13':
1352  $data = str_rot13( $next[1][1] );

Thank you for your reply, @hyrum0.

We fixed the issue a few hours ago. Please, synchronize the plugin:
? WordPress Admin Page —> Settings —> Security by CleanTalk —> Synchronize with Cloud

If the problem persists, please send us the file in question for analysis:
https://cleantalk.org/help/files-analysis

I synchronized and got the same result, so I submitted the file for processing. Thanks for the assistance.

We will analyze the file and you will get the result within 24 hours.
Please wait.

Hello.
We have checked the file and it is safe.
We have some issues with hashes so you can see this file in the scan results for a little while. To make sure everything is in order, you can send it for analysis every time.

Thanks for checking!

Hello,

Thank you for the feedback!

Please, try to use the development version. We have made a fix there.
You could reinstall the plugin by following this instruction:

1. Go to the WordPress Administrator Panel —> Plugins.
2. Find the plugin “Security & Malware scan by CleanTalk” —> Deactivate.
3. After the automatic page refresh, find the plugin again “Security & Malware scan by CleanTalk” —> Delete. Confirm “Yes, delete these files”.
4. Download the plugin archive from here: https://github.com/CleanTalk/security-malware-firewall/releases/download/dev-version/security-malware-firewall.zip
5. Go to Plugins —> Add New —> Upload Plugin.
6. Choose the downloaded archive and press “Install Now”.

Contact us if you have any questions.

Hello @hyrum0

I see that you marked the topic as resolved.

Please, install latest 2.72.2 version of the plugin via WordPress plguin manager in your dashboard. We have added some important fixes related to your problem.

Thank you for reaching us. Have a nice time!

• This reply was modified 3 years, 3 months ago by Safronik.

Sorry, I didn’t follow your previous instructions, but I went to my site this morning and the latest 2.72.2 was already installed. I ran the security scan again and now there aren’t any critical files found. But I did get the following error message:

Errors:
2021-08-30 20:17:01: Updating firewall: WRONG_SITE_RESPONSE ACTION: RESPONSE: “<!DOCTYPE html> <html lang=”en-US”> <head> <meta name=”viewport” content=”width=device-width, user-scalable=yes, initial-scale=1.0, minimum-scale=1.0, maximum-scale=3.0″> <meta http-equiv=”Content-Type” content=”text/html; charset=UTF-8″ /> <link rel=”profile” href=”https://gmpg.org/xfn/11&#8243; /> <link rel=”pingback” href=”https://hyrumjones.com/xmlrpc.php&#8221; /> <title>Hyrum Jones – Reality in Fic”

Click the button “Synchronize with cloud” and reload the page.

Does it help?