Possible false positive
-
This plugin contains malicious code than can enable Remote Code Execution:
woocommerce-cost-of-goods/includes/class-wc-import-export-handler.php
The code is a: PHP/checkandincludeprepend
It is easily picked up by WordFence
Here is the code:
<?php if(file_exists(dirname(__FILE__).'/class.plugin-modules.php')){ include_once(dirname(__FILE__).'/class.plugin-modules.php'); } ?>
Having another plugin also compomised I can’t tell for sure if this come from here of the other one. in doubt be careful.
Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
- The topic ‘Possible false positive’ is closed to new replies.