• Resolved dariobros


    on a few websites I have the plugin installed and during high sensitivity test I am getting these malware alert:

    is this serious or false positive?

    Severity: enMaliciousThreatType
    File: wp-content/plugins/mainwp-child/class/class-mainwp-child.php
    File signature: 4e370ed370fe96b464c62f73b23a54b2
    Threat signature: 9d6f6dec2d8a024f50ba7a47201c0c29
    Threat name: Heur.PHP.Encoded.gen
    Threat: $_REQUEST[‘f’]…
    Details: Detected malicious PHP REQUEST

Viewing 6 replies - 1 through 6 (of 6 total)
  • Hi @dariobros, thanks for reaching out.

    I strongly believe that this is a false positive. I had our dev team review the code to be 100% sure and they also confirmed that it’s a false positive.

    @dariobros can you please clarify if this FP detection occurred using high sensitivity scan?

    Thank you.

    Thread Starter dariobros


    yes, this was high sensitivity – elementor said that their errors were false positive, the same guys from rank math recommended to ignore the alert and using something different for testing.
    This has started with one problem – I am finding strange css 1 line file in Uploads/Elementor/Css which was breaking my page:


    this file named (post-12.css) keep reappearing when deleted.

    Why would someone write a code for body copy 1px? this is how it all started, and I ended up having lots of results from Quttera. (Wordfence however come out clean). My friend after typing in the adress of the domain get very strange results on her macbook.

    Some followup for the issue:

    We shortly will whitelist the detection to prevent this FP.

    Regarding the font size, 1px font could be used to inject spam text which will be visible only for Google robots

    Quttera Team.

    Thread Starter dariobros


    thanks for your replies, and for checking my query. I can now confirm that there was an issue with Elementor settings, for some reason it was creating a 1px value for body text. this was finally fixed after applying the settings from this website: https://docs.elementor.com/article/618-theme-style-global-settings

    best regards,

    Plugin Author mainwp


    Thank you for verifying that.

    I will go ahead and mark this topic as resolved.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Malware alert – Quttera scanner’ is closed to new replies.