Support » Plugin: Sensei LMS » Malicious Content Warning fromWordfence

  • Resolved akshaysynergytop

    (@akshaysynergytop)


    Hi Support,
    I am using your plugin and it has very exciting feature. Its very nice thing that you guys have implemented.
    There is on concern regarding this plugin I am using wordfence as a security plugin on site its giving me some security issue mails that a file in your plugin has some code which malicious and used by Hackers to hide their codes.
    Below are the 2 files which is causing this warning mails * This file may contain 1. domainname/wp-content/plugins/woothemes-sensei/includes/class-sensei-utils.php

    2. domainname/wp-content/plugins/woothemes-sensei/includes/class-sensei-utils.php
    above 2 files has a “eval” function is it thats malicious to website according to Wordfence reports.
    Please check ASAP and let me know your thinking on this.
    Thank You

Viewing 1 replies (of 1 total)
  • Plugin Author Donna Peplinskie

    (@donnapep)

    Hello,

    It seems that WordFence is issuing false positives here. There are no instances of eval in that file or in any of the Sensei LMS codebase.

    I believe what it’s finding is the doubleval function, which contains the word eval. You can safely ignore those warnings.

    Thx.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.