Support » Plugin: Exploit Scanner » [Plugin: Exploit Scanner] ES detection of base64-encoded or hotlinked images

  • Sometimes WP plugins or themes will include base64-encoded images inserted via CSS + JavaScript e.g. Cookie Control. Although I had previously decoded this to check it out and it’s not malicious, I was surprised ES did not detect it.

    Also, while webmasters are concerned about others hotlinking their images, what about hot linking in the other direction? If ES could detected images on our site that are called from an external server this would a) avoid accidental hotlinking on our part and more important b) detected images that have been deliberately embedded on our site for tracking purposes e.g. the smilie used by WordPress Stats.

    http://wordpress.org/extend/plugins/exploit-scanner/

  • The topic ‘[Plugin: Exploit Scanner] ES detection of base64-encoded or hotlinked images’ is closed to new replies.