Support » Plugin: EWWW Image Optimizer » Malware reported: php.exe.globals.381.UNOFFICIAL

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author nosilver4u

    (@nosilver4u)

    Sounds like you’re using Linux Malware Detect, I’m looking into what triggers that rule, but I suspect it is just a generic one that triggers when php is using the exec() function. There would have to be a security breach with the WordPress plugin system for actual malware to be in that package.

    Okay, thanks. Yes, I believe it is using Linux Malware Detect.

    Plugin Author nosilver4u

    (@nosilver4u)

    I ran a scan myself with their latest signatures, and it only picked something up in older versions: 1.10 – 1.2.2. I’m going to contact the author of LMD to find out what that actually means. For a while, we were bundling an unpatched optipng, which nearly correlates to that time frame, but since then, we have been using the latest up to date version, so I’m not sure why you are getting a trigger on 1.3.8…

    Plugin Author nosilver4u

    (@nosilver4u)

    unable to get a response from the LMD folks. I’ve given the code a pretty thorough audit since the last release, and have not found anything wrong.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Malware reported: php.exe.globals.381.UNOFFICIAL’ is closed to new replies.