Support » Plugin: Wordfence Security » [4.0.2] Eval detection is bugged

  • Resolved neamtua


    After updating to the latest version, I got a couple of notifications that eval() is present in some files.
    What your script detected was “doubleval” and “$this->nodeValue”. No other eval is present as I have checked.

Viewing 4 replies - 1 through 4 (of 4 total)
  • dlmweb


    Agreed. WordFence 4.0.2 has just flagged dozens of my sites with files containing possibly containing malicious code. I’m double checking with plugin authors, but I think these are all false positives.

    Gravity Forms –

    ManageWP Worker plugin –

    NextGen –



    Good call. Thanks. So I guess it’s safe to ignore for now.

    Nikola Nikolov


    I can confirm that as well – usually some mismatched “eval”(where “eval” is part of a word) combined with either base64_decode() or urldecode().
    And I know that base64_decode() is frowned upon, but one of the times it contained a base64_encoded image and the other time it was just a freemium theme trying to put stuff in the footer :doh:.

    Plugin Author Wordfence


    Confirmed this is an issue but may already be fixed. Lets merge this conversation into this thread:

    …which I’m about to update.

    Marking this one resolved.


    PS: If you found this helpful, please rate Wordfence 5 stars.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘[4.0.2] Eval detection is bugged’ is closed to new replies.