Jili ph withdrawal fee,636345 minute time slots benefits.REGISTER NOW GET FREE 888 PESOS REWARDS!

Resolved TRDD
(@traceyrickard)

5 months ago

Vaultpress is reporting a security issue within your plugin.

Screenshot here

I have attached a screenshot from Vaultpress. It keeps reporting that the code pattern is often used to run a very dangerous shell programs on your server. I have checked our files against the files in the WordPress repository and they are identical, so it has not been hacked. Please can you advise?

The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)

Plugin Support Ojoma a11n
(@geraltrivia)

5 months ago

Hello there @traceyrickard ,

Thank you for reaching out to us.

I tried to view the file you sent over via Dropbox but it appears to have been deleted.

I personally haven’t seen other reports of this though, but if possible can you kindly send over the file again so I can view it?

Looking forward to hearing back from you.

Thread Starter TRDD
(@traceyrickard)

5 months ago

Hi Sorry,

Here it is https://www.dropbox.com/scl/fi/ltoox2fs35a9941xgxtiw/Screenshot-2024-06-27-at-07.11.39.png?rlkey=yylkne2haylzcftk1m61w1gtj&dl=0

Kind regards

Tracey

Plugin Support Dani F. a11n
(@danielinhou)

4 months, 3 weeks ago

Hi @traceyrickard ,

I get this error when I try to access that file:

Error (400)Something went wrong. Don’t worry, your files are still safe and the Dropbox team has been notified. Check out our?Status Page?to see if there is a known incident, our?Help Center?and?forums?for help, or head back to?home.

Can you please review it?

Cheers

Thread Starter TRDD
(@traceyrickard)

4 months, 1 week ago

I am not sure why this is happening. I have taken another screenshot – here is the link. https://www.dropbox.com/scl/fi/ltoox2fs35a9941xgxtiw/MailPoet.png?rlkey=yylkne2haylzcftk1m61w1gtj&dl=0

I have checked the link and it works. We continue to get this error every day.

Thread Starter TRDD
(@traceyrickard)

4 months, 1 week ago

The link above definitely works but here is the text from the latest email:

VaultPress detected a new security issue on one of your sites xxxxx.

Our security scanners found 1 new security threats since the last email notification (7 hours ago). Please visit the VaultPress security page for more details.

Suspicious Code

Our security scanners detected the following possible security issues. We recommend that you review the affected files.PHP.Generic.BadPattern.5

This code pattern is often used to run a very dangerous shell programs on your server. The code in these files needs to be reviewed, and possibly cleaned.

plugins/mailpoet/vendor-prefixed/doctrine/dbal/src/Portability/Converter.php

Plugin Author Ján Miklá?
(@neosinner)

4 months, 1 week ago

Hi @traceyrickard,

the file belongs to Doctrine, which MailPoet uses to work with database. The code is open-source, so you can compare your file, with the https://github.com/doctrine/dbal/blob/3.8.x/src/Portability/Converter.php to see it was not modified to change its functionality.

In this case, it’s safe to ignore the threat, as it’s a false-positive one.

Hope this helps,
Ján

Viewing 6 replies - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.

Vaultpress reporting dangerous files

Tags