File render_engine.php may contain malicious executable code

  • Resolved peopleinside

    (@peopleinside)


    11 years, 6 months ago

    render_engine.php

    This file is a PHP executable file and contains the word ‘eval’ (without quotes) and the word ‘base64_decode(‘ (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code.

    This is the report for a security software i use for protect my wordpress.

    So i want delete this file because is dangerous for my scan.
    What this file is, if i remove newsletter plug in stop to work?

    https://wordpress.org/plugins/wysija-newsletters/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Jonathan Labreuille

    (@jon1op)

    11 years, 6 months ago

    Hi peopleinside,

    I think this is a false positive in your case. The “security software” you are using seems to be pretty limited and doesn’t actually try to exploit the file. It just looks for commonly used functions.

    The render engine file is actually a template engine (much like Smarty). the base64 functions are used as variable modifiers and the eval() is there for handling conditions.

    If you remove the file, you might as well remove the whole plugin as it handles the visual editors (forms & newsletters) and also their respective rendered version.

    Let me know if you have any question 🙂

    Thread Starter peopleinside

    (@peopleinside)

    11 years, 6 months ago

    Ok so no security problem on this file?! Thanks

    Wysija

    (@wysija)

    11 years, 5 months ago

    Nope!

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘File render_engine.php may contain malicious executable code’ is closed to new replies.