Possible Malware Detected in Post Expirator Plugin Files

  • Resolved gleenk

    (@gleenk)


    3 months, 1 week ago

    Hello,

    During a routine antivirus scan, two files within the Post Expirator plugin directory were flagged as potentially harmful. The detection used the signature YARA.SP_33_20190103_php_malware.

    Here are the details of the flagged files:

    • /wp-content/plugins/post-expirator/assets/js/vendors-node_modules_elkjs_lib_main_js.js
      • Antivirus Signature: YARA.SP_33_20190103_php_malware
      • Last Modified Date: 2024-11-26 08:16:14
      • Quarantine Status: No
    • /wp-content/plugins/post-expirator/assets/js/vendors-node_modules_elkjs_lib_main_js.min.js
      • Antivirus Signature: YARA.SP_33_20190103_php_malware
      • Last Modified Date: 2024-11-26 08:16:14
      • Quarantine Status: No

    I suspect these files might either be false positives or potentially altered due to a vulnerability. Could you please confirm if these files are part of the original plugin package or if they might have been compromised?

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Tags