Support » Plugins and Hacks » [Plugin: WordPress Exploit Scanner] False positive for JavaScript eval()

Viewing 5 replies - 1 through 5 (of 5 total)
  • See “eval(” in that string? That’s ok.

    elfcurry

    (@elfcurry)

    ic_html/*****/wp-includes/classes.php(113) : eval()’d code(1) : eval()’d code on line 1

    )’d code(1) : eval()’d code on line 1

    Line 1 of that file is just ‘<?php’
    and line 113 is ‘*’ within a comment.

    The identical error is reported 8 times and a search doesn’t show ‘eval’ except within a comment.

    Can someone interpret please?

    elfcurry

    (@elfcurry)

    What the error report appears to say is that it thinks it’s found ‘eval()’ on either line 1 or line 113 of classes.php but which? That text does not appear on either line 1 or 113, only in a comment elsewhere. Why the additional repeated snippet, and why report the identical error 8 times?

    As this is my first time using this, I’d appreciate some guidance as to whether I should just ignore this. Thanks.

    elfcurry – I’m not sure why you’re seeing this error when the string isn’t there but perhaps you should copy classes.php from a new download of WordPress over your copy (assuming you’re running the latest WP?) just to be safe.

    elfcurry

    (@elfcurry)

    Thanks donncha, I’ve copied a fresh classes.php file over the one it complains about. It’s worrying that it complains about something which I can’t see – did it find something genuine but get confused and point to the wrong place?

    Can you say whether it was line 1 or 113 or something else it didn’t like?

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘[Plugin: WordPress Exploit Scanner] False positive for JavaScript eval()’ is closed to new replies.