Your latest definition is doing that again.
Known Threats
!…/plugins/social-networks-auto-poster-facebook-twitter-g/inc/nxs_class_ntlist.php
If you click on “Potential threats in file: ( [1] )” it just selects the whole file?
What is that? Please stop finding NON-EXISTENT threats in our plugin.
Plugin Author
Eli
(@scheeeli)
I have installed your plugin on three of my test sites and scanned that file and your whole plugin against my current definitions and I cannot get it to come up as any kind of threat. Are you sure that the file you have has not been altered?
Can you please send me the file you have so I can check it?
Also, what threat does it say if found (hover over the numbered link “[1]” to see the threat name)?
SNAP – Unmodified plugin latest version: 4.2.3
PHP: 5.6.36
Apache
WordPress: 4.9.6
Plugin: 4.17.58
Key: ***
Registered to: ***
Definitions: I5S8r
No New Definition Updates Available.
Screenshots:
https://snag.gy/IbdZ5D.jpg
https://snag.gy/UxXJuF.jpg
Hover says some nonsense:
exec system passthru fwrite Variable Function REQUEST
Plugin Author
Eli
(@scheeeli)
Thanks for all that extra info. I was able to replicate this false positive on a server with PHP v5.6; it would seem that there is a difference in Regex interpretation in different versions of PHP. I am isolating the factors that contributed to this false identification now and I will release a new definition ASAP to fix this…
Just FYI, I can see that what you are doing in this file is not malicious, but the reason that it was such a close match was that you are using a Variable Function (i.e. $fnName($postID, $nto);) where $postID is set to a _POST variable (i.e. $postID = $_POST['id'];).
The combination of variable functions and posted values can be extremely dangerous and is frequently used by hackers to exploit WordPress sites, but I can tell that your code is not a threat and you are using this combo in a safe and responsible way. I am sorry for mislabeling your plugin as a threat and I appreciate you working with me to correct this issue (it’s hard to find all the bad guys and not occasionally point the finger in the wrong direction ;- )
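An added example, not part of the original thread and not code from either plugin: one way to keep the variable-function-plus-request-data combination described above safe is to let the request choose only a key into a fixed table of handlers and to validate the id as an integer before the call. All names (`demo_dispatch`, `DEMO_HANDLERS`, the `network` field) are hypothetical, and the sketch assumes PHP 7.1 or later.

```php
<?php
// Hypothetical handlers; stand-ins for whatever functions a plugin would call.
function demo_post_to_twitter(int $postId, array $opts): string {
    return "twitter:$postId";
}

function demo_post_to_facebook(int $postId, array $opts): string {
    return "facebook:$postId";
}

// Allowlist: request key => function the code is permitted to call.
const DEMO_HANDLERS = [
    'tw' => 'demo_post_to_twitter',
    'fb' => 'demo_post_to_facebook',
];

/**
 * Resolve and call a handler from request data.
 * Returns the handler's result, or null when the request is rejected.
 */
function demo_dispatch(array $request): ?string {
    $key = $request['network'] ?? '';
    // The request never supplies a function name, only a key into the table.
    if (!is_string($key) || !array_key_exists($key, DEMO_HANDLERS)) {
        return null;
    }
    // The id must parse as a positive integer before it reaches the handler.
    $postId = filter_var(
        $request['id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($postId === false || $postId === null) {
        return null;
    }
    // Still a variable function, but the name comes from our own constant table.
    $fnName = DEMO_HANDLERS[$key];
    return $fnName($postId, []);
}

// Constructed sample requests (stand-ins for $_POST).
var_dump(demo_dispatch(['network' => 'tw', 'id' => '42']));         // key in the table, integer id
var_dump(demo_dispatch(['network' => 'not_listed', 'id' => '42'])); // key not in the table
var_dump(demo_dispatch(['network' => 'fb', 'id' => '42abc']));      // id with trailing text
```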
Plugin Author
Eli
(@scheeeli)
OK, I updated this definition and it does not match your usage any more. Please download the latest definition updates and check it in your version too and let me know if you have any other issues. I’m always happy to work with other developers to make WordPress and the web a safer place.