Dangerous Code in Latest Version?

  • Resolved miketheteacher

    (@miketheteacher)


    7 years, 7 months ago

    Wordpress’ security plugin Vaultpress is returning the following security warnings:

    plugins/gmail-smtp/google-api-php-client/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php

    PHP.Generic.BadPattern.5

    This code pattern is often used to run a very dangerous shell programs on your server. The code in these files needs to be reviewed, and possibly cleaned.

    plugins/gmail-smtp/google-api-php-client/vendor/guzzlehttp/guzzle/src/Middleware.php

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Noor Alam

    (@naa986)

    Hi, These files come frome the official Google API Client library. This library is needed to run oAuth2 authentication with the Gmail SMTP server.

    Thread Starter miketheteacher

    (@miketheteacher)

    Thanks, I’ll report it as safe to the vault press team.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Dangerous Code in Latest Version?’ is closed to new replies.