WordPress.org

Ready to get started?Download WordPress

Forums

Wordfence Security
[resolved] Feature request: Find malicious JPEG images (3 posts)

  1. mprewitt3abn
    Member
    Posted 2 years ago #

    Hackers can hide WP plugins at JPEG images, as explained on this website: http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/ ... see the end of the section with subtitle "Hidden Code".

    I'm not sure if the current version of WP is still susceptible to this hack, but I have found suspicious JPEG images on my own server in the same folder with known hacker script files. (The JPEG images were suspect because (a) they shouldn't have been there, and (b) they wouldn't open with an image viewer. So most likely there were code.)

    It would be nice if your scanner could identify such files.

    http://wordpress.org/extend/plugins/wordfence/

  2. mprewitt3abn
    Member
    Posted 2 years ago #

    I meant to say "So most likely THEY were code" (i.e., hacker scripts).

  3. Wordfence
    Member
    Plugin Author

    Posted 1 year ago #

    Thanks for this report.

    I've added this as a high priority issue for us to examine and if necessary we'll ammend the Wordfence detection code to examine JPG's for code.

    Regards,

    Mark.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.