[Plugin: WP CleanFix] Remote Code Execution Warning
Love the plugin however when I conducted a scan with the 6scan plugin I received this warning: Malicious user could execute arbitrary code. The file in question being wpCleanFixAjax.php with the following guidelines:
1)Find the line that begins with ‘$command = strip_tags( $_POST[‘command’] );’
2)Append the next lines with the following:
Supposedly this only protects against anonymous execution, but non admins could still do this. I was wondering if this is an accurate warning.
- The topic ‘[Plugin: WP CleanFix] Remote Code Execution Warning’ is closed to new replies.