Support » Plugin: Wordfence Security » [4.0.2] Eval detection is bugged

Viewing 4 replies - 1 through 4 (of 4 total)
  • Agreed. WordFence 4.0.2 has just flagged dozens of my sites with files containing possibly containing malicious code. I’m double checking with plugin authors, but I think these are all false positives.

    Gravity Forms –

    ManageWP Worker plugin –

    NextGen –

    Good call. Thanks. So I guess it’s safe to ignore for now.

    I can confirm that as well – usually some mismatched “eval”(where “eval” is part of a word) combined with either base64_decode() or urldecode().
    And I know that base64_decode() is frowned upon, but one of the times it contained a base64_encoded image and the other time it was just a freemium theme trying to put stuff in the footer :doh:.

    Plugin Author Wordfence


    Confirmed this is an issue but may already be fixed. Lets merge this conversation into this thread:

    …which I’m about to update.

    Marking this one resolved.


    PS: If you found this helpful, please rate Wordfence 5 stars.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘[4.0.2] Eval detection is bugged’ is closed to new replies.