WordPress.org

Support

Support » How-To and Troubleshooting » Can wordpress plugins contain malicious code?

Can wordpress plugins contain malicious code?

  • Is it possible that plugins contain malicious code? I know that TAC (http://wordpress.org/extend/plugins/tac/) checks for malicious code in your wp themes, but how about plugins? If so, what would be the worst that could happen? Is there a way how you can check a plugin for malicious php script? Or is there a plugin that does this for you? (just like TAC) Thanks.

Viewing 1 replies (of 1 total)
  • Moderator James Huff

    @macmanx

    Is it possible that plugins contain malicious code?

    Anything can contain malicious code. Fortunately, the plugins hosted here at WordPress.org are carefully inspected for malicious code.

    what would be the worst that could happen?

    It’s best to not think about that. Suffice to say, it could be very bad.

    Is there a way how you can check a plugin for malicious php script? Or is there a plugin that does this for you? (just like TAC) Thanks.

    This plugin will scan every file (core, media, plugin, and theme) in your blog:

    http://wordpress.org/extend/plugins/exploit-scanner/

Viewing 1 replies (of 1 total)
  • The topic ‘Can wordpress plugins contain malicious code?’ is closed to new replies.
Skip to toolbar