Executable Code in CSS Files | WordPress.org

ucfnight80
(@ucfnight80)

12 years, 6 months ago

I have a client that I created a website by customizing the WordPress theme “2012” and made some changes in the theme’s CSS files. The client has recently hired an IT Director and he is claiming that the changes in the CSS files could have executable code that I may have put in the modified CSS files to give myself or others backdoor access to the website.

I wouldn’t even think of doing such thing and other people I talked to including a Cyber Crime expert told me this guy doesn’t know what he is talking about.

Has anyone heard of placing executable code inside of WordPress CSS files? My understanding that the CSS files are “text only” files.

Viewing 2 replies - 1 through 2 (of 2 total)

Andrew Nevins
(@anevins)

WCLDN 2018 Contributor | Volunteer support

12 years, 6 months ago

Nope, not heard of this. The IT Director may have seen some ‘base 64’ code, but this is perfectly plausible in CSS as demonstrated in this Patternify tool (CSS pattern generator) http://www.patternify.com/

Base 64 code elsewhere is generally bad, so if someone wasn’t familiar with CSS I could see why they thought this.

Andrew Nevins
(@anevins)

WCLDN 2018 Contributor | Volunteer support

12 years, 6 months ago

Can you ask the IT Director to provide you with the CSS that caused the suspicion?

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Executable Code in CSS Files’ is closed to new replies.

Tags

css files

2 replies
2 participants
Last reply from: Andrew Nevins
Last activity: 12 years, 6 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics