Malicious Executable code in class-pclzip.php??
-
I just got a sever warning on a scan re:
This file may contain malicious executable code: /services/webpages/t/e/domain.com/public/wp-admin/includes/class-pclzip.php
Anyone else get this warning? To me, it could just be a new file associated with the 4.6.1 update, but the following explanation by Wordfence doesn’t make me feel comfortable assuming the file’s fine:
This file is a PHP executable file and contains the word ‘eval’ (without quotes) and the word ‘unpack(‘ (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans. This file was detected because you have enabled HIGH SENSITIVITY scanning. This option is more aggressive than the usual scans, and may cause false positives.
Any suggestions?
- The topic ‘Malicious Executable code in class-pclzip.php??’ is closed to new replies.