Theme Authenticity Checker (TAC)
undetected links within theme files (2 posts)

  1. intimez
    Posted 2 years ago #

    If a theme includes a file that is hosted on another domain, it is not being detected. I found this out only when seeing odd load and photo not being displayed.

    -png file embeded in theme option section
    -java script widget from third party

    I believe plugin only look for "a href" but suggest that it searches for all URLs.


  2. romainsimon
    Posted 1 year ago #

    I found the same thing. TAC developement team should add images check

    <?php include (TEMPLATEPATH . '/images/social.png'); ?>

    Such a code is not detected as malicious by TAC. It seems to be an image, but when you open it, it contains in fact a Curl request that imports malicious code into your WordPress installation.

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Theme Authenticity Checker (TAC)
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic


No tags yet.