Scan not detecting new exploit | WordPress.org

Chuggnutt
(@chuggnutt)

11 years, 1 month ago

It looks like Wordfence scan is not detecting the (new) type of exploit code described here: http://blog.sucuri.net/2014/10/wordpress-websites-continue-to-get-hacked-via-mailpoet-plugin-vulnerability.html

I’ve just been doing a major clean of a server with a number of plugin and theme files (as well as core) with this type of code at the top; I can provide a full example as needed, but Wordfence detected no problems with the site even after I manually confirmed this exploit code was in place.

https://wordpress.org/plugins/wordfence/

Viewing 3 replies - 1 through 3 (of 3 total)

WFBrian
(@wfbrian)

11 years, 1 month ago

Thanks for the heads-up. I’ll pass this on to the team.

Thanks!
Brian

WFSupport
(@wfsupport)

11 years, 1 month ago

Can you send it to samples (at) Wordfence.com. Make sure and include any file locations code was found in or other pertinent details. We appreciate your help

Tim

Thread Starter Chuggnutt
(@chuggnutt)

11 years, 1 month ago

Sent, thanks!

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Scan not detecting new exploit’ is closed to new replies.

3 replies
3 participants
Last reply from: Chuggnutt
Last activity: 11 years, 1 month ago
Status: not resolved