/package.module.attach_to_post.php base64_decode and eval

@justinmarch – Yes, those functions are being safely and correctly used in our plugin.

Thanks for asking!

– Cais.

I have just had my web host flag this file as potential malware due to these two functions, I’m hoping that they are able to whitelist them from their security scans. It’s just unfortunate that these two function feature so commonly in compromised PHP code!

@rickcurran – If your host is willing to disclose how they came to find the file as potential malware, we would be very interested. Could you submit a bug report here: https://www.imagely.com/report-bug and provide the error reports, the name of the program they used to scan and any and all information they have about the malware alert. As Cais mentioned, the code is being safely and correctly used in our plugin, but we do take security reports seriously and want to know about any alerts. ??

Thanks!
Becky

i am facing same issue on one of my website.

All – My host sent me a similar message, although it was just saying they quarantined the file versus any specifics … I’m still waiting for their response.

As it is, although the host did note the file was quarantined, it may just be an automated message as I am not seeing any issues on any of my test or live sites using NextGEN Gallery plugins currently with that host?!

As it is, if this does appear to produce issues on the site, please do send us a Bug Report and we will do what we can to mitigate it.

Thanks!

– Cais.

Hi, apologies, I’m afraid I never saw your reply from a couple of weeks back. I think in the case of my host they are just basically picking up on anything that has “base64decode” or “eval” appearing in it and flagging them up. In my case they were able to whitelist the file and exclude it from their security scans in future.

@rickcurran – Thanks for the update!

– Cais.