Suspect Malware File

  • Resolved jhughesitg

    (@jhughesitg)


    7 years, 1 month ago

    I came across, in your pluggin files, a excutable file called “evalmath.php” located here

    wp-content/plugins/tablepress/libraries/evalmath.class.php

    I download your pluggin directly from this site and this file does exist as a standard file.

    Is this file legit?

    This file is a PHP executable file and contains the word ‘eval’ (without quotes) and the word ‘unpack(‘ (without quotes) which is commonly used by hackers.

    • This topic was modified 7 years, 1 month ago by jhughesitg.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author TobiasBg

    (@tobiasbg)

    Hi,

    thanks for your question, and sorry for the trouble.

    No worries, this warning is a false alarm.

    The evalmath.class.php is a legitimate file and has been part of TablePress for several years now. It contains the code that is responsible for parsing math formulas in tables.
    For that, the file also uses those eval() and unpack() PHP functions. While these might be useful for hackers, they also have legitimate use here. The code is taking precautions to only pass valid parameters to the functions, so that they can not be abused.

    Regards,
    Tobias

    Thread Starter jhughesitg

    (@jhughesitg)

    Thank you for the prompt response and confirmation this file is correct and required.

    Plugin Author TobiasBg

    (@tobiasbg)

    Hi,

    no problem, you are very welcome! ?? Good to hear that this helped!

    Best wishes,
    Tobias

    P.S.: In case you haven’t, please rate TablePress here in the plugin directory. Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Suspect Malware File’ is closed to new replies.