Malware Found on Custom-admin-interface.php

Hi @989-1,

Your provider, whoever they are, are not providing accurate information. I suggest you speak to them and get them to actually get an expert to look over things. Then if you have an issue please report it to me. There’s no desire or benefit for me to be putting malware on peoples sites, and the plugin has been well reviewed by WordPress. Thanks,

sending your answer to my provider assistance right now

thanks
will keep you up to date

• This reply was modified 5 years, 1 month ago by 989.

this is the answer

Salve Massimiliano,

I confirm that it is a false positive as the following functions are often used in malicious scripts.

$menu_icon_svg = ‘data:image/svg+xml;base64,
e
@eval($stripPhpTags);

Hi @989-1,

Glad to hear this is all resolved. Thanks and enjoy the plugin ??

thanks to you!

Hello,
the same thing happens to me too …

The file was removed, I tried to redo the upload and it is blocked as a malicious file.

This seems to be a false positive, I strongly suggest your provider have a deeper look at the code contained within the file.

It certainly is a false positive. Speak to your hosting company and if they are uncooperative get a new hosting company. Or buy the pro version and I will provide a customised version which removes this code.

Thanks,

Hello
The file is also reported by plugins that do malware checking. If you confirm that there is no danger, OK.

For the PRO version, always try ??
We would have taken it immediately, but for some time we have been looking for lifetime solutions, we have too many subscriptions, which customers in turn do not want to pay.
Luckily there are many who are going in this direction.
If you make a lifetime version I will be the first to buy it.

Thank you

• This reply was modified 5 years, 1 month ago by woodypad.

We are getting malware issues that have now blocked Woocommerce from sending all emails.

Infected files noted as: generic.eval.base64.decode.41

While I am more than happy to upgrade, I think it would be a bit silly to do so when the free version is causing issues.

Could you please help resolve?

Hi @rcwgsy,

I repeat, there is no malware in our plugin. The free version of the plugin has a feature which enables you to add custom PHP code to your site which uses the eval method. Unless you are injecting your own malware into your site via our plugin, then our plugin is not doing anything bad. This is an issue with your host, not an issue with our plugin.

The pro version removes this feature altogether (not because of this reason but actually because the feature has the potential to cause issues where people write incorrect code), so one way you can get around this would be upgrading, but otherwise speak to your host or find a new host.

Thanks,