FYI: WP Plugin Security | WordPress.org

ljfent
(@ljfent)

7 years ago

I thought you might be interested in this security report from a wordpress security plugin. It references three files that may pose a security risk…

“These files may not contain malicious code but they use very dangerous PHP functions and constructions! Using such doesn’t recommend by PHP developers or looks very suspicious.”

wp-content/plugins/updraftplus/vendor/guzzle/guzzle/phar-stub.php

wp-content/plugins/updraftplus/vendor/kriswallsmith/assetic/src/Assetic/Extension/Twig/TwigFormulaLoader.php

wp-content/plugins/updraftplus/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php

Viewing 1 replies (of 1 total)

Moderator t-p
(@t-p)

7 years ago

I recommend posting at https://wordpress.org/support/plugin/updraftplus

Viewing 1 replies (of 1 total)

The topic ‘FYI: WP Plugin Security’ is closed to new replies.

In: Fixing WordPress
1 reply
2 participants
Last reply from: t-p
Last activity: 7 years ago
Status: not a support question

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics