Malware !

You need to go into more detail. It’s not enough to say your hosting provider’s automated tool flagged this plugin as containing malware.

Fichiers contenant des logiciels malveillants: wp-includes/class.wp.php wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv11_0.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv28_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv22_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv9_0.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv11_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv20_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv14_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv35_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv33_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv32_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv6_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv12_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv31_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrvfr16.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv21_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv25_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv24_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv10_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv7_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv16_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv26_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv23_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv30_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv13_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv10_0.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv9_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv15_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv18_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv22_0.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv27_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv29_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv19_1.dat wp-content/plugins/magic-password/vendor/endroid/qr-code/assets/data/qrv17_1.dat

I suggest you to contact one.com for more info about why they take your plugin as a malware

Of course, we will contact one.com to explain the problem, but it seems like a false positive from hostings malware scanner. These files is just look like assets for generate image. We are using third party library to generate QR Codes and this is the most popular library on Github with 1,4 k stars.

We sent message to One.com and we were asked for a blocked domain. Can you give us this information? If we get blocked domain, we can continue solving the issue.

This is the first time we have received such compliant so we did a very careful investigation – we have contacted One.com and we have confirmed that our plugin we distributed does not contain malware. Still, there is a possibility that one of other plugins has been compromised and some malware has been spreaded across other plugins’ files through the infected one. Please let us know if you have any other query.