Title: security issue w em-actions.php? Last modified: August 21, 2016 --- # security issue w em-actions.php? * Resolved [eqjosh](https://wordpress.org/support/users/eqjosh/) * (@eqjosh) * [12 years ago](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/) * My “vaultpress” gives this warning “Dangerous and threatening code often used to attack sites.” re file em-actions.php: `call_user_func($_REQUEST['em_obj']);` * Is this a real issue? * [https://wordpress.org/plugins/events-manager/](https://wordpress.org/plugins/events-manager/) Viewing 6 replies - 1 through 6 (of 6 total) * Plugin Support [angelo_nwl](https://wordpress.org/support/users/angelo_nwl/) * (@angelo_nwl) * [12 years ago](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/#post-5008012) * sorry not getting this issue; are you using the latest EM version ? * Thread Starter [eqjosh](https://wordpress.org/support/users/eqjosh/) * (@eqjosh) * [12 years ago](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/#post-5008014) * Yes. * Vaultpress scans files in wordpress and issues security warnings about potentially dangerous code. They’ve issues a warning about the code above. * [caimin_nwl](https://wordpress.org/support/users/caimin_nwl/) * (@caimin_nwl) * [12 years ago](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/#post-5008026) * I think this is a simplistic warning that doesn’t make a lot of sense – the code referred to by the error is only run if the user is logged in to the WordPress admin area, by which time they’ve already been through the standard WordPress security checks. * The code isn’t run on the front-end of the site. * Thread Starter [eqjosh](https://wordpress.org/support/users/eqjosh/) * (@eqjosh) * [11 years, 12 months ago](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/#post-5008132) * I checked w/ Vaultpress and they agree with you, it’s a “false positive” — and I was told to mark this “ignore” — for anyone else getting this warning, below is the note. 🙂 – J * ``` ---------- Forwarded message ---------- From: Mikey Arce Date: Tue, Jun 17, 2014 at 7:56 AM Subject: Re: I need help with a security threat. premium > Is this code a serious problem, or maybe a false-positive? I asked on the > plugin's support forum, > http://wordpress.org/support/topic/security-issue-w-em-actionsphp, met > with uncertainty... Hi Josh, I looked at this code again with another developer and in this case, the security threats that we reported from the events manager plugin are indeed false-positives. You can go ahead and click on the "Ignore Threat" button your Security page here: https://dashboard.vaultpress.com/1785/security/ ``` * Plugin Support [angelo_nwl](https://wordpress.org/support/users/angelo_nwl/) * (@angelo_nwl) * [11 years, 11 months ago](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/#post-5008158) * hello, * can you contact us at [security@wp-events-plugin.com](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/security@wp-events-plugin.com?output_format=md) and include additional links and details please? * thanks * Plugin Author [Marcus (aka @msykes)](https://wordpress.org/support/users/netweblogic/) * (@netweblogic) * [11 years, 11 months ago](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/#post-5008165) * I don’t think there’s a need to contact us in this case, ignore the above. We’re liasing with jetpack already to see if there’s something that can be done to prevent this. Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘security issue w em-actions.php?’ is closed to new replies. * ![](https://ps.w.org/events-manager/assets/icon-256x256.png?rev=3550347) * [Events Manager - Calendar, Bookings, Tickets, and more!](https://wordpress.org/plugins/events-manager/) * [Frequently Asked Questions](https://wordpress.org/plugins/events-manager/#faq) * [Support Threads](https://wordpress.org/support/plugin/events-manager/) * [Active Topics](https://wordpress.org/support/plugin/events-manager/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/events-manager/unresolved/) * [Reviews](https://wordpress.org/support/plugin/events-manager/reviews/) * 6 replies * 4 participants * Last reply from: [Marcus (aka @msykes)](https://wordpress.org/support/users/netweblogic/) * Last activity: [11 years, 11 months ago](https://wordpress.org/support/topic/security-issue-w-em-actionsphp/#post-5008165) * Status: resolved