onitsolutions

Hi

Thanks for getting back.

After ignoring the file i ran a wordfence scan and it did not pick up any problems.

hopefully it was just a false positive.

Thanks

Hi Guys

I have updated the Newsletter plugin this morning and got the same message from Wordfence around an hour ago.

File appears to be malicious: wp-content/plugins/newsletter/js/ace/mode-php.js

Filename: wp-content/plugins/newsletter/js/ace/mode-php.js
File type: Not a core, theme or plugin file.
Issue first detected: 1 hour 30 mins ago.
Severity: Critical
Status New

This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans.

The text we found in this file that matches a known malicious file is:
“EvalError|InternalError|RangeError|ReferenceError|StopIteration|SyntaxError|TypeError|URIError|decodeURI|decodeURIComponent|encodeURI|encodeURIComponent|eval|isFinite|isNaN|parseFloat|parseInt|JSON|Ma…”.

The infection type is: Suspicious eval with base64 decode.. This file was detected because you have enabled “Scan images, binary, and other files as if they were executable”, which treats non-PHP files as if they were PHP code. This option is more aggressive than the usual scans, and may cause false positives.

Does anyone have a solution for this problem?

Wow many thanks that did the trick. Its all working fine now.

thanks again.

Hi most ghst

Thanks for the tip, we will give it a try and let you know how we get on.

thanks again.