Support » Fixing WordPress » Malware or virus warnings – Exploit scanner – Help!!

  • penciso

    (@penciso)


    I ran “exploit scanner” plugin on my wordpress blog and it turned 6 severe warnings on the following files (among others):

    wp-includes/gettext.php:310
    Often used to execute malicious code: eval(“$string”);
    wp-includes/classes.php:1508
    Often used to execute malicious code: eval(“\$query = \”$query\”;”);
    wp-includes/js/tinymce/themes/advanced/jscripts/about.js:49
    Often used to execute malicious code: var fn = eval(‘tinyMCEPopup.windowOpener.TinyMCE_’ + name + ‘_getInfo’);
    wp-content/themes/productum/includes/js/jquery-1.3.1.min.js:12
    wp-content/themes/productum/includes/js/jquery-1.3.1.min.js:19
    Often used to execute malicious code: t;string”){if(H==”script”){o.globalEval(I)}…
    wp-content/themes/productum/includes/js/pngfix.js:14
    Often used to execute malicious code: eval(function(p,a,c,k,e,r){ ….

    Is this something to worry about?. How will you proceed?

    Appreciated. Best regards

Viewing 3 replies - 1 through 3 (of 3 total)
  • Alwyn Botha

    (@123milliseconds)

    Sorry to hear that

    Investigate further by reading http://codex.wordpress.org/FAQ_My_site_was_hacked

    Samuel B

    (@samboll)

    actually those are “false positives” using legitimate eval codes
    many themes used will also show these

    I agree with Samuel that they are most probably false positives. However the first two matches:

    wp-includes/gettext.php:310
    Often used to execute malicious code: eval("$string");
    wp-includes/classes.php:1508
    Often used to execute malicious code: eval("\$query = \"$query\";");

    suggest that you are using a very old version of WordPress. Since the last version of WordPress that contained that code in classes.php was 2.6 (released July 2008) and the file no longer exists in 3.1.

    If you are concerned about security (and even you are not!) then I urge you to upgrade your WordPress install.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Malware or virus warnings – Exploit scanner – Help!!’ is closed to new replies.