False Positive with NumberOne Theme?

  • Resolved F R

    (@frosado)


    9 years, 3 months ago

    I received the following warning when running a manual scan of the NumberOne Theme purchased through Envato. This is their latest version of the Theme as of today (12/21/2015). Below is the error it showed. Is this a false positive?

    /themes/NumberOne/includes/update-notifier.php
    $ch = curl_init($notifier_file_url);
    $cache = curl_exec($ch);
    $cache = file_get_contents($notifier_file_url); // …if not, use th …

    https://www.ads-software.com/plugins/antivirus/

Viewing 1 replies (of 1 total)
  • Plugin Support Torsten Landsiedel

    (@zodiac1978)

    curl_init and file_get_content are on the list of suspicious code, because these functions can be used to include malicious code into the theme from an external source.

    You have to check the code for yourself if it is used for a good reason or for a malicious code injection. If you’ve downloaded the theme directly from Envato I think it is an “false positive”.

    The plugin does not find viruses in all cases, it also highlights code that can be used in a bad manner, so you can check it to be safe. That’s the case here.

    All the best,
    Torsten

Viewing 1 replies (of 1 total)
  • The topic ‘False Positive with NumberOne Theme?’ is closed to new replies.