[Plugin: WordPress Exploit Scanner] The latest out of the box WP

  • Donncha, thanks for your great efforts!

    Here is something that I would like to ask:

    By using your plugin I got some warnings on my sites ( who doesn’t ?? and before start cleaning I decided to take a look on the out-of-the-box installation.

    I got WP 2.8.5, made a clean installation and ran exploit-scanner.

    On two different web hosts after out-of-the box clean WP 2.8.5 installations exploit-scanner gives the same:

    Modified Core Files

1. ../public_html/blank/license.txt
2. ../public_html/blank/wp-includes/images/crystal/license.txt
3. ../public_html/blank/wp-includes/js/scriptaculous/MIT-LICENSE
4. ../public_html/blank/wp-includes/js/swfupload/plugins/swfupload.speed.js
5. ../public_html/blank/wp-includes/js/tinymce/license.txt

    Could you please explain this?

    Thanks again for your efforts.

Viewing 2 replies - 1 through 2 (of 2 total)

  • The eol-style svn property for all WP files is set to native except for those files. The license files are set to CRLF and swfupload.speed.js should be set to native but instead is missing the eol-style property. We’ll have to take eol style into account when checking those files.

    Thread Starter bottleneck

    (@bottleneck)

    Thanks to you, Ryan and all WordPress Exploit Scanner’s team!

    ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Plugin: WordPress Exploit Scanner] The latest out of the box WP’ is closed to new replies.