WordPress.org

Support

Support » Plugins and Hacks » [Resolved] [Plugin: Wordfence Security] Feature request: Find malicious JPEG images

[Resolved] [Plugin: Wordfence Security] Feature request: Find malicious JPEG images

  • mprewitt3abn
    Member

    @mprewitt3abn

    Hackers can hide WP plugins at JPEG images, as explained on this website: http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/ … see the end of the section with subtitle “Hidden Code”.

    I’m not sure if the current version of WP is still susceptible to this hack, but I have found suspicious JPEG images on my own server in the same folder with known hacker script files. (The JPEG images were suspect because (a) they shouldn’t have been there, and (b) they wouldn’t open with an image viewer. So most likely there were code.)

    It would be nice if your scanner could identify such files.

    http://wordpress.org/extend/plugins/wordfence/

Viewing 2 replies - 1 through 2 (of 2 total)
  • mprewitt3abn
    Member

    @mprewitt3abn

    I meant to say “So most likely THEY were code” (i.e., hacker scripts).

    Plugin Author Wordfence
    Participant

    @mmaunder

    Thanks for this report.

    I’ve added this as a high priority issue for us to examine and if necessary we’ll ammend the Wordfence detection code to examine JPG’s for code.

    Regards,

    Mark.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Resolved] [Plugin: Wordfence Security] Feature request: Find malicious JPEG images’ is closed to new replies.