WordPress.org

Forums

UpdraftPlus Backup and Restoration
[resolved] lfd suspicious files (4 posts)

  1. dubh
    Member
    Posted 1 year ago #

    Why does this plugin drop writable file in public tmp/ for anyone to modify?

    File: /tmp/public_html.20356221.225017/public_html/wp-includes/class-http.php
    Reason: Script, file extension
    Owner: borang:borang (518:517)
    Action: Moved into /var/lib/csf/suspicious.tar

    https://wordpress.org/plugins/updraftplus/

  2. David Anderson
    Member
    Plugin Author

    Posted 1 year ago #

    Hi,

    Sir, I never started beating my wife!
    https://en.wikipedia.org/wiki/Loaded_question

    i.e. There is no such code. UD only has code to create zip files, not to create copies of individual files... and the various PHP zip modules all create their temporary files (which are again all zip files, not copies of individual files) in wp-content/updraft.

    David

  3. dubh
    Member
    Posted 1 year ago #

    Lady, I doubt you have a wife pussy.
    Judging by your answer this code leaves a big hole for hackers.

  4. David Anderson
    Member
    Plugin Author

    Posted 1 year ago #

    To speak plainly: you're in the wrong forum... something else has created those files on your server, but not UD.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.