WordPress.org

Ready to get started?Download WordPress

Forums

Malware or virus warnings - Exploit scanner - Help!! (4 posts)

  1. penciso
    Member
    Posted 3 years ago #

    I ran "exploit scanner" plugin on my wordpress blog and it turned 6 severe warnings on the following files (among others):

    wp-includes/gettext.php:310
    Often used to execute malicious code: eval("$string");
    wp-includes/classes.php:1508
    Often used to execute malicious code: eval("\$query = \"$query\";");
    wp-includes/js/tinymce/themes/advanced/jscripts/about.js:49
    Often used to execute malicious code: var fn = eval('tinyMCEPopup.windowOpener.TinyMCE_' + name + '_getInfo');
    wp-content/themes/productum/includes/js/jquery-1.3.1.min.js:12
    wp-content/themes/productum/includes/js/jquery-1.3.1.min.js:19
    Often used to execute malicious code: t;string"){if(H=="script"){o.globalEval(I)}...
    wp-content/themes/productum/includes/js/pngfix.js:14
    Often used to execute malicious code: eval(function(p,a,c,k,e,r){ ....

    Is this something to worry about?. How will you proceed?

    Appreciated. Best regards

  2. 123milliseconds
    Member
    Posted 3 years ago #

    Sorry to hear that

    Investigate further by reading http://codex.wordpress.org/FAQ_My_site_was_hacked

  3. Samuel B
    moderator
    Posted 3 years ago #

    actually those are "false positives" using legitimate eval codes
    many themes used will also show these

  4. Jon Cave
    WordPress Dev
    Posted 3 years ago #

    I agree with Samuel that they are most probably false positives. However the first two matches:

    wp-includes/gettext.php:310
    Often used to execute malicious code: eval("$string");
    wp-includes/classes.php:1508
    Often used to execute malicious code: eval("\$query = \"$query\";");

    suggest that you are using a very old version of WordPress. Since the last version of WordPress that contained that code in classes.php was 2.6 (released July 2008) and the file no longer exists in 3.1.

    If you are concerned about security (and even you are not!) then I urge you to upgrade your WordPress install.

Topic Closed

This topic has been closed to new replies.

About this Topic