Support » Plugin: Slimstat Analytics » Malicious Code detected

  • Resolved Conrad-GZ

    (@conrad-gz)


    Scanned my Site with Quttera Web Malware Scanner two malicious Scans are detected:

    1)
    Severity: enMaliciousThreatType
    File: /wp-content/plugins/wp-slimstat/admin/config/maintenance.php
    File signature: 5888209ebdd7df9ac51dc7a11f6db1da
    Threat signature: 9d6f6dec2d8a024f50ba7a47201c0c29
    Threat: $_REQUEST[‘f’]…
    Details: Detected malicious PHP REQUEST

    2)
    Severity: enMaliciousThreatType
    File: /wp-content/plugins/wp-slimstat/…/wp-slimstat-reports.php
    File signature: 2e28fbaf20c9304d11e56ac6664e53ae
    Threat signature: f968ed48652d44e54b59fd61be8aa2a5
    Threat: <?php class wp_s
    Details: Potentially Malicious obfuscated PHP threat

    Is it malicious code indeed or harmless code by slimstat?
    If malicious what´s to do?

    Thanks for reply.
    Conrad

Viewing 6 replies - 1 through 6 (of 6 total)
  • Became a bit nervous.
    Thanks for quick response!
    Conrad

    Plugin Author Jason Crouse

    (@coolmann)

    Thank you for looking into this so quickly. Please remember to disclose any vulnerabilities in a responsible way, by letting us know about it before sharing it with the world, so that we have time to address the problem!

    Best,
    Jason

    Jason,

    sorry, but I was not awared that this issue is a problem of vulnerability. I just had in mind that it is an infection of my site particularly. So don`t accuse my chosen practice.

    Kind regards,
    Conrad

    Plugin Author Jason Crouse

    (@coolmann)

    Conrad, sorry if it looked like I was “accusing” you. Mine was just a friendly reminder to make sure to let us know if something is wrong with the plugin from a security standpoint. Apologies if that came out wrong.

    Cheers,
    Jason

    Jason,
    no problem, man. My site hasn´t been hacked. So i can reassured retreat slowly in the peaceful atmosphere of the upcoming holidays.

    Merry Christmas.
    Conrad

    Plugin Author Jason Crouse

    (@coolmann)

    Happy holidays to you too!!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Malicious Code detected’ is closed to new replies.