Support » Plugin: Wordfence Security - Firewall & Malware Scan » Injection not revealed by scan, can I show you injected code?

  • Resolved Webartisan

    (@webartisan)


    Recently I had a website with

    <script>

    tags injected in all the post_content column in _posts table.
    I cleaned it up as soon as possible by removing the malicious content from the table but I also kept a textual copy of the injected code for reference.

    Is there a secure way to let you be notified about this code (i.e. sending the text I found) in order to maybe add this to your library if not already present? The scan didn’t revealed it as a malicious code.

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Support WFGerroald

    (@wfgerald)

    Hey @webartisan,

    Happy to hear you were able to track this down and remove it. If you’d like to share the code I can share it with the developers. You can email me at wftest@wordfence.com. Please include a link to this thread and your WordPress username.

    Thanks for sharing this.

    Gerroald

    Hi @wfgerald,
    Thank you for your quick reply.
    I just sent the email as suggested.

    Plugin Support WFGerroald

    (@wfgerald)

    Hey @webartisan,

    I just wanted to let you know that I’ve received your email, and will be sure to share it with the team.

    Thanks again for sharing.

    Gerroald

    Thank you Gerroald.
    M.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Hi @jdembowski
    I don’t require support. I just replied to @webartisan about the recent injections I have experienced and shared some server stats, maybe we can figure out a common element which might’ve triggered the contamination.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    NOTE: I’m not ascribing any ill will to anyone. I just want to get that out of the way. 😉

    These are contradictory.

    I don’t require support.

    maybe we can figure out a common element which might’ve triggered the contamination.

    That’s more of a question on the author’s site. This forum is for supporting the plugin code and users of that code. It’s not malware fighting forums and each topic is for the person who started it. It’s to sort out the problem of the original poster and your replies are about what you’ve observed on your site.

    For something like this, collaborating doesn’t work here. If you have this on your site, if you are seeing that then please start your own topic. That’s how these forums work and have always worked.

    Or you can remove your own problem and focus on the original poster’s site specifically.

    @jdembowski I will stop posting here, I get your point. However, I guess it wouldn’ve been easier for other users to get a solution since when you type “injection post_content _posts table” on Google, you reach this page.

    @webartisan asked me to list some plugins I’m using for the injected sites. So I did. I apologise if it’s against the good practice forum rules.

    Hi @jdembowski
    Just for the correctness of discussion I proposed @magefix to compare some settings to check if we could have some more details to the research of solution.

    But I also understand that now the discussion it’s becoming off topic so we’re not continuing it here.

    I also apologise if my request was out of the forum rules. Didn’t mean to that.
    I think we both wanted to give more aspects of the problem that could help both plugin author and interested user to spot the problem.

    • This reply was modified 4 months, 1 week ago by Webartisan.
    • This reply was modified 4 months, 1 week ago by Webartisan.
Viewing 10 replies - 1 through 10 (of 10 total)
  • You must be logged in to reply to this topic.