Support » Plugin: Acunetix Secure WordPress » [Plugin: Secure WordPress] Code injection Scanner

  • Resolved danka


    Would be cool if you make a scanner to check for code injection in all code files [php, js, css] and database, I mean code injection like this ones, but not limited to:

    There are also some injections that some guys do in Free themes ans some free plugins… for example, they try to include a URL in many places as possible, including external image links to get who is using their theme/plugin verifying by link reference, this could be solved hiding the referer in external links, or just removing the link. I think this feature is desired to avoid being target.


Viewing 2 replies - 1 through 2 (of 2 total)
  • yes, this plugin use bas64_decode for view very fast images via base64 string and not a http-request. The scanner scna only for the function, not what to do the function.

    Sorry, I think I was not clear enough…

    I was referring to people that offer Themes and plugins for free, and some times they hide codes using some of the techniques I told in my first post… and such hided code could represent a problem… for example, say that the hided code inject things on DB or in other files or do something worst… so, the propose is to add a scanner in this plugin to check for encoded hided codes in the Themes and plugins and maybe in all other WP files…

    If someone cant understand yet what I am saying… take a look on the plugin TAC… this plugin is limited only to scan Themes, and it dont check for all types of code injection…


Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Plugin: Secure WordPress] Code injection Scanner’ is closed to new replies.