What to do with flagged “Danger” file?

Hello @loftus49,

If you do not know what to do with these files, please send them to us for analysis. The guide is here:

https://cleantalk.org/help/security-malware-scanner

You can check the file analysis results in the “Analysis Log” tab in the plugin.

WordPress Admin Page —> Settings —> Security by CleanTalk —> Malware Scanner

Thank you.

Thanks for your response. How do I get this file to you for review?

/wp-content/plugins/wpforms/src/Pro/Admin/Entries/ListTable.php: INFECTED

Did you try to press the “Send for Analysis” button below the file path in the Security plugin’s found malware list? You can also read this guide:

https://cleantalk.org/help/files-analysis

I’m appearing as bright as a lump of coal … but there is no “send for analysis” on the page other than the section at the bottom where there is no link:

Available actions on the found files: (but not linked to anything)

Delete: Delete the chosen file from your website file system in a safe way. You should be careful with this action as there is no turing back.

View: View the chosen file.

Send for Analysis: Send the chosen file to the Security by CleanTalk Cloud for analysis.

Approve: Approve the chosen file so it will not be scanned again. You can always disapprove it in the “Approved” category.

Quarantine: Put the chosen file to quarantine where it can not harm the website.

Replace: Restore the initial state of the chosen file if the file is accessible. It applies only to the WordPress core files.

Compare: View the difference between the original WordPress core file and the one you have in your website.

View Malicious Code: View malicious code that was found by the scanner, so you can inspect it more clearly.The actions are available only

If I had a way of attaching a screenshot, I would be able to show you.

P.S. I’m getting “Warnings” every couple hours:

Malware Issues TimeJan 22 2024 14:46:02 Hostnameloftusweb.com Pluginwordpress-security-2.126 Scanned files2 ResultWARNING

These files may not contain malicious code but they use very dangerous PHP functions and constructions! PHP developers don’t recommend to use such code. Besides, it looks very suspicious.
Suspicious Files: 4 PathModify timeMD5 HashPlugin /wp-content/plugins/wpforms/src/Pro/Admin/Entries/ListTable.phpJan 20 2024 05:44:3135f483790c80825cb485dd493bf81158- /wp-content/plugins/wpforms/src/Pro/Admin/Entries/Overview/Table.phpJan 20 2024 05:44:327fce2ef40b8487cc5d9e88901fee2da3- /wp-content/plugins/wpforms/vendor_prefixed/stripe/stripe-php/lib/Subscription.phpJan 20 2024 05:44:3130f9275ecf732ee5416b1e85ac9f7f0f- /wp-content/wflogs/config-synced.phpJan 22 2024 07:40:37148c90bda68d4970bfad67a944ab4ffe-

Unknown files: 2 PathModify timeMD5 Hash /wp-content/uploads/essential-addons-elementor/eael-3398.jsJan 20 2024 04:31:26d41d8cd98f00b204e9800998ecf8427e /wp-content/uploads/wp-file-manager-pro/fm_backup/index.htmlSep 29 2023 13:16:17d41d8cd98f00b204e9800998ecf8427e

For further investigation please contact us by our private Ticket System:

https://cleantalk.org/my/support/open

Hello.
We haven’t heard back from you in a few days, so I’m going to mark this thread as “resolved”.
If you have any further questions, you can start a new thread or contact us via our private Ticket System: https://cleantalk.org/my/support/open.