Exploit Scanner Severe Results Help (2 posts)

  1. oKick
    Posted 5 years ago #

    I need some help please. Today I ran the Exploit Scanner plugin. It returned a lot of results--over 30 "severe" and 16 in "level warning" then 100+ in the "level result" category.

    Most of the severe ones are from 2 backup plugins, backupwordpress and xcloner. The backupwordpress result is base64_decode.

    It returned similar results from xcloner and some mysql_query results. I just deleted xcloner because I didn't use it.

    All level warning results are iframe. Several from the Share and Follow plugin, a couple iframes list websites I don't recognize.

    The display:none is also listed a lot, like Akismet and share and follow.

    I actually haven't downloaded many plug ins, but it seems most of them are coming up anyhow. I read there are false positives, but that the severe results are...severe, esp if they are the base64. I don't know if it's normal to be that because it's a backup, if I should delete it, or if I'm compromised. If I'm hacked, what do I do?

    Any advice is very appreciated. I don't know much, obviously.

    Thank you

  2. xcloner
    Posted 5 years ago #

    Just saw your post, and want to add some clarifications regarding XCloner, this blog post might help understanding why XCloner runs in an iframe as wordpress plugin http://www.xcloner.com/ideas/why-we-made-xcloner-standalone-and-how-we-integrate-it-with-joomlawordpress/ , i think that might be the issue of why the security scanner sees it like a threat

    If you think it's a security issue, simple move the xcloner plugin files to another directory of your choice and access it directly, you can also add a htaccess password protection layer to that directory if needed

    Good luck,

Topic Closed

This topic has been closed to new replies.

About this Topic