• Can the plugin be modified to only include the JavaScript files for the “checked” sites?

    Recently, my site had 1 page that had what Bing deemed malicious JavaScript & I am wondering if it got in through a plugin.

    The JavaScript had, after my root site URL, the following extension: wp/wp-includes/js/masonry.min.js

    I don’t know if I am giving specific enough information to render a response. If not, please ask me more questions. I am only superficially familiar with such an issue. My tech person wanted me to ask the question at the top because a plugin source seems to be the thought of how the unwanted JavaScript got on a page.

    Thank you for your consideration

Viewing 2 replies - 1 through 2 (of 2 total)
  • My first question would be… how would you know what are “checked” sites?

    Secondly, how was that JavaScript file included in the page?

    There are no records of which plugin or function enqueues a JavaScript file in the system, so it’s very hard to say ‘yes, this is valid’ or ‘no, this isn’t valid’ because any checks you do could easily take all of the files that have been enqueued, and you’d get a whole lot of false positives.

    The biggest thing that I’d say also is that if the plugin is insecure enough to let a new JavaScript file be injected, it’s something that you don’t want on your site in the first place!

    Moderator bcworkz

    (@bcworkz)

    Specifically about masonry.min.js, that file is part of the core WP distribution. If your file is identical to the distribution’s file, then Bing has a false positive. This seems very unlikely, since masonry is a very popular jQuery plugin.

    What can happen though is a hacker can hide his own malicious code in such a file. If this is done, the file size will likely not match the distribution version, unless the hacker is extremely crafty. Comparing hashes of the two files will unequivocally reveal if they are identical or not.

    If a hacker were able to add malicious code to this file, you have a big problem! The hacker would thus have write access to all or a portion of your site and can hide malicious code in any number of places.
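The hash comparison described in the reply above, as an added example that is not part of the original thread. It goes beyond the single file to a whole directory tree, since a modified `masonry.min.js` implies other files may have been touched. It assumes `clean_root` is an unpacked, untouched copy of the same WordPress release as the site; the file contents and the names `unchanged.js` and `extra.js` are constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files do not load into memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def hash_tree(root: Path) -> dict:
    """Map each file's path relative to root to its SHA-256 digest."""
    return {
        p.relative_to(root).as_posix(): sha256_of(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare_trees(site_root: Path, clean_root: Path) -> dict:
    """Compare an installed tree against a pristine copy of the same release."""
    site, clean = hash_tree(site_root), hash_tree(clean_root)
    return {
        "modified": sorted(f for f in site.keys() & clean.keys() if site[f] != clean[f]),
        "missing": sorted(clean.keys() - site.keys()),
        "extra": sorted(site.keys() - clean.keys()),
    }


def demo() -> dict:
    """Build two small constructed trees and compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        clean = Path(tmp, "clean", "wp-includes", "js")
        site = Path(tmp, "site", "wp-includes", "js")
        clean.mkdir(parents=True)
        site.mkdir(parents=True)
        # Constructed stand-in contents, not the real library files.
        (clean / "masonry.min.js").write_bytes(b"/* masonry */ var a=1;\n")
        (clean / "unchanged.js").write_bytes(b"/* untouched file */\n")
        # Same byte length as the clean copy, so a size check alone would pass.
        (site / "masonry.min.js").write_bytes(b"/* masonry */ var a=2;\n")
        (site / "unchanged.js").write_bytes(b"/* untouched file */\n")
        (site / "extra.js").write_bytes(b"/* not in the distribution */\n")
        return compare_trees(Path(tmp, "site"), Path(tmp, "clean"))
```

On a real site, call `compare_trees()` with the site's WordPress directory and the unpacked clean copy; files under `wp-content` (plugins, themes, uploads) will show up as "extra" and need a separate baseline.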

  • The topic ‘Java Code through Plugin?’ is closed to new replies.