Malware file missed by WordFence
-
I recently had a security issue where a hacker had added an extra file to the following directory:
wp-includes/js/tinymce/utils/
The file was named “wp-tinymce.php” which is the name of a file from the parent directory, but doesn’t belong in this directory. Also, the file was about 10 times larger than normal. A Wordfence malware scan did not detect the file. My hosting company flagged it as malicious, and gave me the all-clear once I deleted it.
Is there a known reason why the Wordfence scan didn’t catch this file? (In fairness, Sucuri Sitecheck didn’t catch it either.)
Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
- The topic ‘Malware file missed by WordFence’ is closed to new replies.