Malware warning for WooCommerce file

  • Resolved rtaffy

    (@rtaffy)


    3 years, 6 months ago

    WP and all plugins are up to date. Using Wordfence scan produces this malware warning:

    Filename: wp-content/uploads/woocommerce_uploads/default-preparable.php
File Type: Not a core, theme, or plugin file from www.remarpro.com.
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: $wp_nonce=isset($_POST['f_pp'])?$_POST['f_pp']:(isset($_COOKIE['f_pp'])?$_COOKIE['f_pp']:null);

The issue type is: Backdoor:PHP/tripus.3672
Description: A malicious PHP backdoor

    Any help appreciated

    Rtaffy

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support Stuart Duff – a11n

    (@stuartduff)

    Automattic Happiness Engineer

    Hi there,

    The file you have referenced is not a file which the free WooCommerce plugin uploads to a website. It could be another plugin installed on your site which has innocently added this file. Alternatively your webserver, WordPress installation or another plugin/theme which is installed and activated on your WordPress installation have been compromised.

    Filename: wp-content/uploads/woocommerce_uploads/default-preparable.php

    If your webserver or WordPress installation has been compromised allowing someone to upload this file we’d suggest reading through this document to secure your site and server.

    FAQ My site was hacked

    Thread Starter rtaffy

    (@rtaffy)

    Thank you! Maybe I should uninstall any woo add-ons and then delete this file…

    Plugin Support Gabriel – a11n

    (@gabrielfuentes)

    Great! Hopefully, that should solve the issue.

    Cheers ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Malware warning for WooCommerce file’ is closed to new replies.

Tags