Title: Absolutely Worthless Last modified: August 22, 2016 --- # Absolutely Worthless * Resolved [Mike](https://wordpress.org/support/users/manndtp/) * (@manndtp) * [11 years, 8 months ago](https://wordpress.org/support/topic/absolutely-worthless/) * No settings page (even though their site claims there is) and not updated since 3.5.2. Consider this an abandoned plugin. DO NOT INSTALL. * [https://wordpress.org/plugins/exploit-scanner/](https://wordpress.org/plugins/exploit-scanner/) Viewing 7 replies - 1 through 7 (of 7 total) * [gmisura](https://wordpress.org/support/users/gmisura/) * (@gmisura) * [11 years, 7 months ago](https://wordpress.org/support/topic/absolutely-worthless/#post-5314614) * Tools -> Exploit Scanner * is the settings page. * But I agree, it does feel abandoned. * Thread Starter [Mike](https://wordpress.org/support/users/manndtp/) * (@manndtp) * [11 years, 7 months ago](https://wordpress.org/support/topic/absolutely-worthless/#post-5314615) * Found a site which has updated hash files. Have not gone through to check if they are correct. * [https://github.com/philipjohn/exploit-scanner-hashes](https://github.com/philipjohn/exploit-scanner-hashes) * [shhganzo](https://wordpress.org/support/users/shhganzo/) * (@shhganzo) * [11 years, 5 months ago](https://wordpress.org/support/topic/absolutely-worthless/#post-5314642) * Yes. [https://github.com/philipjohn/exploit-scanner-hashes/blob/master/hashes-4.1.php](https://github.com/philipjohn/exploit-scanner-hashes/blob/master/hashes-4.1.php) From which you can create the file /wwwroot/wp/wp-content/plugins/exploit-scanner/ hashes.4.1.php Then the scanner works much better. Steve * [justatest47](https://wordpress.org/support/users/justatest47/) * (@justatest47) * [11 years, 4 months ago](https://wordpress.org/support/topic/absolutely-worthless/#post-5314643) * Indeed, this is garbage. Pure junk. It shows hundreds of basic WordPress 4.1 core files as “vulnerable” and plugins as well. I’ve compared SOME of the files manually side by side (my files found on FTP vs stock files, redownloaded WP and some plugins) and they are ok. * Why can’t this useless plugin automatically compare ALL FTP files with the repository files just like Wordfence is doing???? * [Texiwill](https://wordpress.org/support/users/texiwill/) * (@texiwill) * [11 years, 2 months ago](https://wordpress.org/support/topic/absolutely-worthless/#post-5314647) * I use both, and wordfence is great at checking ‘known’ files against the repository, but does nothing with UNKNOWN files. I had a hacked WP that Wordfence could not find. Using the [https://github.com/philipjohn/exploit-scanner-hashes/](https://github.com/philipjohn/exploit-scanner-hashes/) project allowed me to generate the hashes for WP and then run a scan against ALL files. It found 20+ files with malware in them that Wordfence just missed because they were not officially part of a plugin. They were found in the upload directory as well. * So you really need both tools and exploit-scanner does not really need more than the hashes to be updated for it to work, plus one other item to make it work with W3TC and other object cache tools (it does work as expected with Tribe Object Cache however). * So I do not feel it is abandoned, plus there was a recent update. I use it, and use it effectively. * [idowebwork](https://wordpress.org/support/users/mannweb/) * (@mannweb) * [11 years, 2 months ago](https://wordpress.org/support/topic/absolutely-worthless/#post-5314648) * Awesome to see this recently updated. An amazing script indeed. Not Worthless anymore. * Plugin Author [Philip John](https://wordpress.org/support/users/philipjohn/) * (@philipjohn) * [11 years, 1 month ago](https://wordpress.org/support/topic/absolutely-worthless/#post-5314654) * Hi folks, * I’m now contributing new hashes to this plugin. Yay! Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘Absolutely Worthless’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/exploit-scanner.svg) * [Exploit Scanner](https://wordpress.org/plugins/exploit-scanner/) * [Frequently Asked Questions](https://wordpress.org/plugins/exploit-scanner/#faq) * [Support Threads](https://wordpress.org/support/plugin/exploit-scanner/) * [Active Topics](https://wordpress.org/support/plugin/exploit-scanner/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/exploit-scanner/unresolved/) * [Reviews](https://wordpress.org/support/plugin/exploit-scanner/reviews/) * 7 replies * 7 participants * Last reply from: [Philip John](https://wordpress.org/support/users/philipjohn/) * Last activity: [11 years, 1 month ago](https://wordpress.org/support/topic/absolutely-worthless/#post-5314654) * Status: resolved