Malicious file?

  • Resolved jgold723

    (@jgold723)


    7 years, 1 month ago

    I received a warning from Wordfence about a possible malicious file in my Updraft plus install:

    /wp-content/plugins/updraftplus/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php

    I have my scan set to high sensitivity so I’m wondering if this is a false positive or should I delete it?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author David Anderson

    (@davidanderson)

    Hi,

    That’s really impossible for us to say, since we don’t know what’s in that file on your install. You can compare it with the pristine version by downloading a fresh copy of the plugin from www.remarpro.com, extracting that particular file, and then running it through a difference analyser, such as WinMerge.

    If you find that it’s identical, then please ask Wordfence to correct their scanner, as with over 1 million installs, we’re likely to get this question an awful lot!

    David

    Thread Starter jgold723

    (@jgold723)

    I checked as you suggested and the files are identical, so this must be a false positive. Thanks for the suggestion. I’ll let the Wordfence folks know.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Malicious file?’ is closed to new replies.