Malware on this plugin

  • My hosting provider sends a malware report pointing this plugin.
    All the WP sites under my hosting has reports about this malware on the plugin.

    File:
    wp-content/plugins/shortcode-exec-php/editarea/edit_area/reg_syntax/php.js

    Anyone experienced this?

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Contributor M66B

    (@m66b)

    Are you sure this is an infected file and not a false positive?
    Simple way to check: save the file, delete the plugin using the WP plugin manager, install the plugin again and compare the files.

    Kindly Download the Plugin files and check for virus. I am on Windows 8 using its own Virus catcher and it didn’t catch any virus. Its safe to use I highly recommend this plugin.

    This is a false positive. Your host should know better.

    Why give it a 1 star rating if you don’t actually know there is real problem?

    PHP eval function. Sometimes it is possible that malicious code will contain the eval function, which is executable, especially on the same line as a base 64 encoding.

    Although this has been used as a method for malicious code to be executed in some situations, it is very unlikely to be the case on a well documented, popular, regularly updated and highly rated plugin like this one.

    If a vulnerability is found, then you should contact the plugin author via the support options and ask the question, rather than just giving it a 1 star rating without knowing anything about it.

    If there is a genuine problem, then I am sure the author would do absolutely everything in his/her power to address that in the interest of the community, and their own reputation.

    It is a false positive. Your provider is just scanning all scripts for eval statements which should never be used on production web servers.

    No disrespect to the author, but I advise that you do not install this plugin. You are asking for trouble. Eval + WP API access == your user data gone in a heartbeat. If you don’t know about the eval thing right up front, no offense intended to you, but you are playing with fire.

    Does anyone know if the EVAL issue has been addressed (re-coded without it)? It seems like a good plugin, but I can’t evaluate the EVAL situation and would rather not install given Kurt’s warning about possible consequences.

    @sammazza – please post a new thread in the support forum for this plugin here:

    https://www.ads-software.com/support/plugin/shortcode-exec-php

    See the sticky post at the top too.

    This review isn’t a good place for support questions.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Malware on this plugin’ is closed to new replies.