I need help to clarify something about base64_decode code please.
After reading alot about it on the forum I'm still not clear if base64_decode code is safe or a hack.
I have an account on a shared hosting site and installed WordPress an automated install provided by the site. I used the Exploit Scanner plugin and it showed there were several files with this code
in my installation. I thought it might be caused by some of the plugin's I used so I uninstalled it and reinstalled WordPress again without any other themes or plugin's. I only installed Exploit Scanner again to search for it and it found it again in several files.
I removed this installation of WordPress and today installed a new WordPress (using the automated install) in and did not install any plugins (not even Exploit Scanner) and zipped the files in that directory and downloaded it and did a keyword search using Windows Grep to check for it and it found base64_decode in 7 files in the WordPress directory -
Here are the files and the location of the code -
[ Malware redacted, please do not post that here again. ]
It seems this code is showing up in the basic installation files of WordPress without any plugins or themes being added.
My questions are -
1. Is it possible for WordPress to please confirm they are including this code in their installations or provide a way to check which ones are ok or safe and with ones are not.
2. Is there any way I can check if these specific codes are safe.