File possibly compromised | WordPress.org

Resolved mdsaude
(@mdsaude)

7 years, 9 months ago

Hello.
Just after I updated the plugin, I received an email from Sucuri with the following alert:

Warning: File possibly compromised: ./wp-content/plugins/calculated-fields-form/cp_calculatedfieldsf_public_int.inc.php (js.blackhole.gen.001). Manual review recommended.

Do you know what is going on?

Regards
Pedro.

https://wordpress.org/plugins/calculated-fields-form/

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Author codepeople
(@codepeople)

7 years, 9 months ago

Hi Pedro,

Our plugin does not include any script with the exploit: js.blackhole, I’ve made some tests to the current versions and checked the code meticulously and there is not anything inusual, so the possible reasons for the warning are:

1. A false-positive of Sucuri

2. or in reality your server was compromised, and it is injecting new code in the plugins that are installed in your WordPress.

Please, create a zipped file with your copy of the plugin (/wp-content/plugins/calculated-fields-form), and send me it through my private support system:

http://cff.dwbooster.com/contact-us

Best regards.

Thread Starter mdsaude
(@mdsaude)

7 years, 9 months ago

I showed your response to the guys from Sucuri and they just confirmed that it was in fact a false-positive.

Thanks for your help.
Regards.

Plugin Author codepeople
(@codepeople)

7 years, 9 months ago

Hi,

Thank you very much to let me know.

Best regards.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘File possibly compromised’ is closed to new replies.

In: Plugins
3 replies
2 participants
Last reply from: codepeople
Last activity: 7 years, 9 months ago
Status: resolved