Critical warning from WordFence

  • Resolved jess888

    (@jess888)


    7 years, 2 months ago

    I am getting a critical warning from WordFence on the current version of UDP. Tried reloading a fresh copy of the file and got the same warning:

    This file may contain malicious executable code: /home/theepicureanconnection_com/public_html/wp-content/plugins/updraftplus/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
    Filename: wp-content/plugins/updraftplus/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
    File Type: Not a core, theme or plugin file.
    Issue First Detected: 2 mins ago.
    Severity: Critical
    Status New
    This file is a PHP executable file and contains the word ‘eval’ (without quotes) and the word ‘unpack(‘ (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.

Viewing 1 replies (of 1 total)
  • Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    Hi,

    We’ve been having this false positive reported quite regularly lately. Please can you ask Wordfence to whitelist it? Since both of our plugins have over a million users, it’s wasting time for lots of people, and if they could just whitelist that file, we could all do something more useful with the time! ??

    David

Viewing 1 replies (of 1 total)
  • The topic ‘Critical warning from WordFence’ is closed to new replies.