[resolved] Malicious content warning message (10 posts)

  1. edtorrey
    Posted 2 years ago #

    We like your plugin. Our Wordfence security plugin is raising a malicious content warning message. Please take a look and let us know what is going on.

    Wordfence Message -------------------------
    This file may contain malicious executable code
    Filename: dev/wp-content/plugins/subscribe2/extension/readygraph/admin.php
    File type: Not a core, theme or plugin file.
    Issue first detected: 45 secs ago.
    Severity: Critical
    Status New
    This file is a PHP executable file and contains the word 'eval' (without quotes) and the word 'base64_decode(' (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans.


  2. edtorrey
    Posted 2 years ago #

    We notice that the "readygraph" content is included as a plugin extension.
    What bad thing will happen if we remove the extension?

    We know the risk of having to repeat the process each time an update occurs.

    We do not want any part of our user list communicated outside our web site environment.

  3. mattyrob
    Posted 2 years ago #


    If you just remove the file you will probably get a fatal error.

    Try the steps here:

  4. edtorrey
    Posted 2 years ago #

    I permissioned readygraph to 644 (no execute) as a trial. So far the push notifications are still coming.

  5. tanaylakhani
    Plugin Author

    Posted 2 years ago #

    Hi @edtorrey

    Those warnings are absolutely safe. You can skip it from future scans. Basically, base64_decode is for encoding and decoding the disconnect action, you can check on line 31 and 144 of admin.php file

    And eval is basically setting the wordpress settings on the readygraph.js file settings.

    If you disconnect the readygraph, your userlist will never be communicated to readygraph.

  6. tanaylakhani
    Plugin Author

    Posted 2 years ago #

    What do you mean by push notifications? Which notifications you want to stop?

  7. edtorrey
    Posted 2 years ago #

    By Push notifications, I mean that Subscribe2 is able to send emails to addressees as expected. I meant it as a footnote to having set execute permissions to OFF for the readygraph extension.

    When you say "disconnect" readygraph, I am not sure what you mean. We did not activate readygraph. The tab appears in the admin panel and menu widget. We did not follow through.

    If we did not fulfill any readygraph action, does that mean we are not connected?

    So that would mean that when you say disconnect, it is on the assumption a person has enabled the readygraph extension. Yes?

    Many thanks for your reply.

  8. tanaylakhani
    Plugin Author

    Posted 2 years ago #

    When you enable the plugin, it will take you to Readygraph connect page. If you dont connect, you have not activated the extension. And you can use subscribe2 as is. No communication will take place between your site and readygraph

  9. edtorrey
    Posted 2 years ago #

    Thank you for the clarification. That is sufficient for me.

  10. tanaylakhani
    Plugin Author

    Posted 2 years ago #

    Glad to help

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Subscribe2
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic


No tags yet.