Detected Threat name: Backdoor.PHP.Exec.gen.3CE in your plugin

  • kristinubute

    (@kristinubute)


    5 months ago

    HI

    My security software has found this in your plugin.

    Severity: enMaliciousThreatType File: wp-content/plugins/coupon-creator/plugin-en/…/release.php File signature: 644157a15a215f5cbb5767d53233a088 Threat signature: 9774ea3e7fcdd3eabf389fd24b64f645 Threat name: Backdoor.PHP.Exec.gen.3CE Threat: <?php /** * Rele Details: Detected malicious PHP code

    I have removed it straight away as it detected it as SEVERE issue.

    I can’t afford to have my client site infected by malware.

    Unless this is a false positive but I assume not ?

    Please advise the steps you take to FIX your plugin that has been compromised if it has been?

    Thanks

    Kristin

Viewing 1 replies (of 1 total)
  • Plugin Author Brian

    (@brianjessee)

    Hi,

    Thanks for using the Coupon Creator Plugin, I can help out.

    We believe this is a false positive from vendor build files. These files are not used in the plugin. We have already removed them in the current release, and if you reinstall the plugin, it will not include the file. We are also working on a future release for WordPress 6.6 compatibility, which will not include these files too.

    There have been no other reports of this issue, but we will continue to review it and further troubleshoot to resolve any issues that are found.

    In the future, please kindly reach out to us at couponcreatorplugin.com/contact for security issues. This allows us to address potential problems privately and prevent compromising more sites. Please, post in the support forums if you do not receive a response.

    Best regards,
    Brian

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.