I have found suspicious looking code on line 351 inside the wordtwit/include/oauth-twitter.php as follows:
eval( base64_decode( ‘ZGVmaW5lKCAnV09SRFRXSVRfT0FVVEhfQ09OU1VNRVJfU0VDUkVUJywgJ0cxWkVTQjVXUGpDVDE4dVhDeldxNVZxbHBtdDdKanNVYVN0ZG5Gd3dhdycgKTs=’ ) );
To me, this looks suspicious. Please confirm that this is part of your original coding and why you chose to make it this way.
Note: This is from a fresh download as of today from wordpress.org plugin page.
- The topic ‘[Plugin: WordTwit] Suspicious Code base64_decode ( 'ZGVma’ is closed to new replies.