Malicious file flagged by WordFence
In the last two days I received the following warning from WordFence for four websites I manage:
File Type: Not a core, theme, or plugin file from wordpress.org.
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is:
The infection type is: Vulnerable:PHP/duplicatorinstaller
Description: Potentially unsafe file generated by Duplicator backups which can allow malicious actors to execute arbitrary code.
The four websites are on three different hosts – HostMonster, Dreamhost and GoDaddy. Is there some vulnerability that is allowing hackers to inject code through the plugin? Or is this a false flag from WordFence?
- The topic ‘Malicious file flagged by WordFence’ is closed to new replies.