[resolved] Open Hook eval()'d code on line 7 (5 posts)

  1. Bilal Ahmad
    Posted 3 years ago #

    I am using Sucuri.net to monitor my blog. I received a security warning message that site error detected in "Open Hook" Plugin. It is pointing me to the following code.

    eval()'d code</b> on line <b>7</b>

    This code is in the line 236 of plugins/thesis-openhook/index.php

    I have very limited knowledge about coding. Kindly guide me how to resolve this issue.

    Thank You


  2. Rick Beckman
    Plugin Author

    Posted 3 years ago #

    Is there an actual error on your site, or is Securi just complaining that OpenHook evaluates code?

    If everything is working on your site, I'd ignore the Securi warning. It's well known that OpenHook evaluates user-input PHP code, and yes, that is a huge security risk, but it's no more insecure than allowing users to edit files (which WordPress does allow) or editing files via FTP.

  3. Bilal Ahmad
    Posted 3 years ago #

    Thank You BrazenlyGeek for your replay.

    Actually the problem was not in Open Hook Plugin but there was a short code for a plugin and that plugin was disable.

    After removing the shortcode from Open Hook, the Sucuri.net warning message disappeared.

    Once again thank you for your replay.

  4. Rick Beckman
    Plugin Author

    Posted 3 years ago #

    Glad to hear you got this sorted, Bilal! I've been researching a couple different methods of capturing OpenHook's output and bailing out on any particular hook that throws an error due to supplied code, but I've not come across any that seem like they'd work in this setup, which is unfortunate.

  5. Rick Beckman
    Plugin Author

    Posted 3 years ago #

    Marking this as resolved.

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • OpenHook
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic