Support » Plugin: Theme Authenticity Checker (TAC) » undetected links within theme files

  • If a theme includes a file that is hosted on another domain, it is not being detected. I found this out only when seeing odd load and photo not being displayed.

    -png file embeded in theme option section
    -java script widget from third party

    I believe plugin only look for “a href” but suggest that it searches for all URLs.

Viewing 1 replies (of 1 total)
  • I found the same thing. TAC developement team should add images check

    <?php include (TEMPLATEPATH . '/images/social.png'); ?>

    Such a code is not detected as malicious by TAC. It seems to be an image, but when you open it, it contains in fact a Curl request that imports malicious code into your WordPress installation.

Viewing 1 replies (of 1 total)
  • The topic ‘undetected links within theme files’ is closed to new replies.