WordPress.org

Ready to get started?Download WordPress

Forums

Definitive post/answer/rule on WP containing eval() & base64_decode() functions? (4 posts)

  1. kaidez
    Member
    Posted 2 years ago #

    Hello all. I've been focusing more and more on security and have been using Exploit Scanner to help me. When I ran ES, it listed a whole bunch of files that contained both eval() and base64_decode() functions, which can be bad.

    I searched through the WP Forums and found this past post on the subject. It seems to say that the fact that these functions exist in your WP install does necessarily mean that they're malicious but I'm wondering if there's any more definitive discussion on the subject somewhere?

    One thing's for certain: I see the value in using as few plugins as possible in any future WP installations...quality not quantity.

  2. Rev. Voodoo
    Volunteer Moderator
    Posted 2 years ago #

    Have you decoded any of that stuff to see what's going on?

  3. kaidez
    Member
    Posted 2 years ago #

    Hi Rev. Voodoo...thanx for responding!

    In truth, I haven't. Will a tool like this be ok?

  4. Rev. Voodoo
    Volunteer Moderator
    Posted 2 years ago #

    I would think any decoder will work

    http://wordpress.org/support/topic/how-to-decrypt-an-encoded-theme?replies=3

    Here's some good info

    I'm always very suspicious of the encoded stuff. Won't touch it with a pole normally

Topic Closed

This topic has been closed to new replies.

About this Topic