Title: /package.module.attach_to_post.php base64_decode and eval Last modified: October 28, 2016 --- # /package.module.attach_to_post.php base64_decode and eval * Resolved [justinmarch](https://wordpress.org/support/users/justinmarch/) * (@justinmarch) * [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/) * Is the file /package.module.attach_to_post.php supposed to have “base64_decode” and “eval” in it? * If not how do I delete this file without breaking Nextgen? * Justin Viewing 7 replies - 1 through 7 (of 7 total) * Plugin Contributor [photocrati](https://wordpress.org/support/users/photocrati/) * (@photocrati) * [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/#post-8368575) * [@justinmarch](https://wordpress.org/support/users/justinmarch/) – Yes, those functions are being safely and correctly used in our plugin. * Thanks for asking! * – Cais. * [Rick Curran](https://wordpress.org/support/users/rickcurran/) * (@rickcurran) * [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/#post-8375786) * I have just had my web host flag this file as potential malware due to these two functions, I’m hoping that they are able to whitelist them from their security scans. It’s just unfortunate that these two function feature so commonly in compromised PHP code! * Plugin Contributor [Imagely](https://wordpress.org/support/users/imagely/) * (@imagely) * [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/#post-8392736) * [@rickcurran](https://wordpress.org/support/users/rickcurran/) – If your host is willing to disclose how they came to find the file as potential malware, we would be very interested. Could you submit a bug report here: [http://www.imagely.com/report-bug](http://www.imagely.com/report-bug) and provide the error reports, the name of the program they used to scan and any and all information they have about the malware alert. As Cais mentioned, the code is being safely and correctly used in our plugin, but we do take security reports seriously and want to know about any alerts. 🙂 * Thanks! Becky * [rockysingla](https://wordpress.org/support/users/rockysingla/) * (@rockysingla) * [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/#post-8440346) * i am facing same issue on one of my website. * Plugin Contributor [photocrati](https://wordpress.org/support/users/photocrati/) * (@photocrati) * [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/#post-8444871) * All – My host sent me a similar message, although it was just saying they quarantined the file versus any specifics … I’m still waiting for their response. * As it is, although the host did note the file was quarantined, it may just be an automated message as I am not seeing any issues on any of my test or live sites using NextGEN Gallery plugins currently with that host?! * As it is, if this does appear to produce issues on the site, please do send us a Bug Report and we will do what we can to mitigate it. * Thanks! * – Cais. * [Rick Curran](https://wordpress.org/support/users/rickcurran/) * (@rickcurran) * [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/#post-8444905) * Hi, apologies, I’m afraid I never saw your reply from a couple of weeks back. I think in the case of my host they are just basically picking up on anything that has “base64decode” or “eval” appearing in it and flagging them up. In my case they were able to whitelist the file and exclude it from their security scans in future. * Plugin Contributor [photocrati](https://wordpress.org/support/users/photocrati/) * (@photocrati) * [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/#post-8444946) * [@rickcurran](https://wordpress.org/support/users/rickcurran/) – Thanks for the update! * – Cais. Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘/package.module.attach_to_post.php base64_decode and eval’ is closed to new replies. * ![](https://ps.w.org/nextgen-gallery/assets/icon-256x256.png?rev=2083961) * [Photo Gallery, Sliders, Proofing and Themes - NextGEN Gallery](https://wordpress.org/plugins/nextgen-gallery/) * [Frequently Asked Questions](https://wordpress.org/plugins/nextgen-gallery/#faq) * [Support Threads](https://wordpress.org/support/plugin/nextgen-gallery/) * [Active Topics](https://wordpress.org/support/plugin/nextgen-gallery/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/nextgen-gallery/unresolved/) * [Reviews](https://wordpress.org/support/plugin/nextgen-gallery/reviews/) * 7 replies * 5 participants * Last reply from: [photocrati](https://wordpress.org/support/users/photocrati/) * Last activity: [9 years, 7 months ago](https://wordpress.org/support/topic/package-module-attach_to_post-php-base64_decode-and-eval/#post-8444946) * Status: resolved