False Positive – Yellow Pencil

  • Resolved Garrett Hyder

    (@garrett-eclipse)


    7 years, 5 months ago

    Hello,

    I wanted to confirm this is just a False Positive;

    View post on imgur.com

    This file may contain malicious executable code: /home/…/public_html/wp-content/plugins/waspthemes-yellow-pencil/editor.php
    Filename: wp-content/plugins/waspthemes-yellow-pencil/editor.php
    File type: Not a core, theme or plugin file.
    Issue first detected: 9 hours 58 mins ago.
    Severity: Critical
    Status New
    This file is a PHP executable file and contains the word ‘eval’ (without quotes) and the word ‘urldecode(‘ (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.

    I can ignore this correct? Is there anything that can be done on Wordfence end to avoid this in the future?

    Thanks
    P.S. If you need a copy of the plugin to investigate it can be found here;
    https://www.ads-software.com/plugins/yellow-pencil-visual-theme-customizer/

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘False Positive – Yellow Pencil’ is closed to new replies.