File appears to be malicious or unsafe: .. wordfence/../issue-timelimit.php

  • Resolved benhelps

    (@benhelps)


    3 years ago

    Hi,

    I recently got a critical warning in my site scan as follows:

    Filename: wp-content/plugins/wordfence/views/scanner/issue-timelimit.php
File Type: Plugin
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: str_replace("v","","strv_vrvevpvlvavce"

The issue type is: Suspicious:PHP/strireplace_replace.6990
Description: Common code pattern for malicious backdoors

    I’ll remove the new and suspicious code, but is this an accidental add to file in a recent Wordfence update?

    Regards,

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter benhelps

    (@benhelps)

    BTW I’ve kept a copy of the “bad” file in case needed (though I’ve no idea how to upload to the case)

    Plugin Support wfpeter

    (@wfpeter)

    Hi @benhelps,

    It seems certainly the right action to take so far – I’ve just double-checked my copy of this file and it isn’t meant to contain the code highlighted in the scan result above.

    To check whether it’s part of a wider compromize of your WordPress installation, please can you please drop an email to samples @ wordfence . com with the file attached, and a link to this ticket so that my colleagues know you have been speaking with me?

    It would be better to be safe than sorry to have them seen out by our team, and they can send you site cleaning instructions or things you can check from here.

    Thanks,

    Peter.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘File appears to be malicious or unsafe: .. wordfence/../issue-timelimit.php’ is closed to new replies.