WordPress.org

Ready to get started?Download WordPress

Forums

Can wordpress plugins contain malicious code? (2 posts)

  1. Sjors01
    Member
    Posted 3 years ago #

    Is it possible that plugins contain malicious code? I know that TAC (http://wordpress.org/extend/plugins/tac/) checks for malicious code in your wp themes, but how about plugins? If so, what would be the worst that could happen? Is there a way how you can check a plugin for malicious php script? Or is there a plugin that does this for you? (just like TAC) Thanks.

  2. Is it possible that plugins contain malicious code?

    Anything can contain malicious code. Fortunately, the plugins hosted here at WordPress.org are carefully inspected for malicious code.

    what would be the worst that could happen?

    It's best to not think about that. Suffice to say, it could be very bad.

    Is there a way how you can check a plugin for malicious php script? Or is there a plugin that does this for you? (just like TAC) Thanks.

    This plugin will scan every file (core, media, plugin, and theme) in your blog:

    http://wordpress.org/extend/plugins/exploit-scanner/

Topic Closed

This topic has been closed to new replies.

About this Topic