VaultPress Identified Suspicious Code
-
VaultPress sent this alert. Can you verify that it is a false positive?
Suspicious Code
Dangerous and threatening code often used to attack sites.
PHP.Generic.BadPattern.6/wp-content/plugins/post-smtp/Postman/Postman-Mail/PostmanMessage.php
Line 367: $headers = empty( $headers ) ? explode( “\n”, str_replace( “\r\n”, “\n”, ” ) ) : explode( “\n”, str_replace( “\r\n”, “\n”, $headers ) );
Diagnostic Info:
Mailer: postsmtp
HostName: petersonrudgersgroup.com
cURL Version: 7.85.0
OpenSSL Version: OpenSSL/3.0.8
OS: Linux giowm1057.siteground.biz 3.12.18-clouder0 #3 SMP PREEMPT Wed May 25 12:13:20 EEST 2022 x86_64
PHP: Linux 7.4.33 C
PHP Dependencies: iconv=Yes, spl_autoload=Yes, openssl=Yes, sockets=Yes, allow_url_fopen=Yes, mcrypt=No, zlib_encode=Yes
WordPress: 6.2 en_US UTF-8
WordPress Theme: Twenty Twelve Child
WordPress Plugins: VaultPress, Gravity Forms, Advanced Custom Fields, Akismet Anti-Spam, Classic Editor, Gravity Forms Mailchimp Add-On, Collapse-O-Matic, Post SMTP, SiteGround Optimizer, Sucuri Security – Auditing, Malware Scanner and Hardening, Wordfence Security, Yoast SEO
WordPress wp_mail Owner: /home/customer/www/petersonrudgersgroup.com/public_html/wp-content/plugins/post-smtp/Postman/PostmanWpMailBinder.php
WordPress wp_mail Filter(s): wp_staticize_emoji_for_email, PostsmtpMailer->get_mail_args
WordPress wp_mail_from Filter(s): wordfence::fixWPMailFromAddress
WordPress phpmailer_init Action(s): PostsmtpMailer->phpmailer_smtp_init
Postman: 2.4.8
Postman Sender Domain (Envelope|Message): petersonrudgersgroup.com | petersonrudgersgroup.com
Postman Prevent Message Sender Override (Email|Name): Yes | Yes
Postman Active Transport: SMTP (smtp:tls:oauth2://smtp.gmail.com:587)
Postman Active Transport Status (Ready|Connected): Yes | Yes
Postman Deliveries (Success|Fail): 770 | 126
- The topic ‘VaultPress Identified Suspicious Code’ is closed to new replies.
