Malicious plugin not identified by wordfence

  • SJW

    (@whitsey)


    3 days, 22 hours ago

    I found and deleted a malicious plugin that was giving people backdoor access to the WP dashboard which wordfence didn’t recognise or alert me too. Is there a mechanism to submit this plugin for review to update wordfence malware signatures?

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    3 days, 11 hours ago

    Hi @whitsey,

    There certainly is. If you ever find files or plugins that seem suspicious and Wordfence isn’t picking them up, you can email them to samples @ wordfence . com and we’ll take a look. Any other background information you think will be useful can included in the email too.

    Our existing WAF signatures often protect against newer threats, but sometimes they can be packaged in a way the plugin hasn’t seen before.

    Many thanks,
    Peter.

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.