gmariani405
Forum Replies Created
Forum: Plugins
In reply to: [Page Links To] Wordfence – Plugin may be abandoned
yeah i did the same thing. wasn’t sure if a new developer took over and pushed a weird release. but yeah, just a lot of dev stuff included by accident i assume.
On v4.92, again, i don’t think a plugin to restore widgets should have any business scanning a site for malware.
PHP Fatal error: Uncaught Error: Call to undefined function BillSecurity\IntegrityScanner\get_core_checksums() in /html/wp-content/plugins/restore-classic-widgets/includes/catch-malware/class_bill_catch_malware.php:621
“and using the standard WordPress one” – What standard one? They removed the Widget feature, that’s why your plugin exists… right?
Also, I logged on to a client site today and saw a Security Alert at the top, which I now understand comes from your plugin. It complained about a mu-plugin and claimed it’s possibly a hacker intrusion and malware presence and listed 1020 files… It’s just a plugin that isn’t in the WordPress directory. But anyone who didn’t know better would be scared and think there is actually a problem. This is a terrible feature and causing more harm than good. Can i turn it off somehow? Or just switch from your plugin to this “standard” one that doesn’t have all this scareware?
Bill,
Thanks for the reply. I don’t believe it is malware, or that the site is infected, or that the installation of the plugin we have from you is infected. Just that it’s being flagged as such. Below is a report we received from our host Nexcess/LiquidWeb:
MALWARE DETAILS
Below are details of the affected files:
HOST: cloudhost-11111.us-midwest-2.nxcli.net
SCAN ID: 260107-0116.37559
STARTED: Jan 7 2026 01:16:02 +0000
COMPLETED: Jan 7 2026 02:30:32 +0000
ELAPSED: 4470s [find: 40s]
PATH: /home/
RANGE: 1 days
TOTAL HITS: 1
FILE HIT LIST:
/chroot/home/1111111/example.com/html/wp-content/plugins/restore-classic-widgets/includes/catch-malware/class_bill_catch_malware.php
This was their explanation: “The plugin includes malware-detection signatures, which caused Maldet to incorrectly flag it during heuristic scanning.” I don’t know if theirs is configured differently than yours, but it flagged three of my sites using your plugin.
I don’t need or want to install AntiHacker plugin at this time as I never thought the plugin was infected or the site was infected. All three sites have Wordfence installed and those report fine, the issue was MalDet. With that said, if you could, please answer my question on why a plugin for Classic Widgets even has a malware scanner built into it?
“I am exploring what other measures I can take” – Would removing the malware scanner in the plugin be an option? Ideally those functions should be separate.
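The false positive in the host's explanation above, as an added example that is not part of the original posts and not Maldet's code: a toy signature scanner flags a file that only stores patterns as data, and suppression keyed on a known-good SHA-256 rather than on the path keeps a modified copy flagged. The signatures, file contents, paths and hash source are constructed assumptions.

```python
import hashlib
import re

# Constructed toy signatures (assumption: not Maldet's real rule set).
SIGNATURES = {
    "php.eval_base64": re.compile(rb"eval\s*\(\s*base64_decode\s*\("),
    "php.gzinflate_chain": re.compile(rb"gzinflate\s*\(\s*base64_decode\s*\("),
}

# Constructed sample: a security plugin's signature table, patterns stored as data.
SCANNER_PLUGIN_FILE = b"""<?php
$patterns = array(
    'eval(base64_decode(',
    'gzinflate(base64_decode(',
);
"""
# Constructed sample: code that actually calls the flagged construct.
OBFUSCATED_FILE = b"<?php eval(base64_decode('Y29uc3RydWN0ZWQ='));"


def scan(content: bytes) -> list[str]:
    """Return names of signatures whose pattern appears anywhere in the file."""
    return sorted(n for n, rx in SIGNATURES.items() if rx.search(content))


def triage(files: dict[str, bytes], known_good: set[str]) -> dict[str, str]:
    """Suppress a hit only when the file's SHA-256 is a known vendor release hash."""
    verdicts = {}
    for path, content in files.items():
        hits = scan(content)
        if not hits:
            verdicts[path] = "clean"
        elif hashlib.sha256(content).hexdigest() in known_good:
            verdicts[path] = "suppressed"
        else:
            verdicts[path] = "hit:" + ",".join(hits)
    return verdicts


# Stand-in for a hash taken from the vendor's published release (hypothetical).
KNOWN_GOOD = {hashlib.sha256(SCANNER_PLUGIN_FILE).hexdigest()}

SAMPLE_FILES = {  # hypothetical paths
    "plugins/scanner-plugin/signatures.php": SCANNER_PLUGIN_FILE,
    "plugins/scanner-plugin/modified.php": SCANNER_PLUGIN_FILE + b"// changed\n",
    "uploads/cache.php": OBFUSCATED_FILE,
}

if __name__ == "__main__":
    for path, verdict in triage(SAMPLE_FILES, KNOWN_GOOD).items():
        print(f"{path}: {verdict}")
```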
Forum: Plugins
In reply to: [Instapage Plugin] Vulnerable to Cross Site Request Forgery (CSRF)
they push out a new update, ignore the security vulnerability. when is this getting fixed?
Forum: Plugins
In reply to: [Rescue Shortcodes] Rescue Shortcodes <= 3.1 – Authenticated Stored XSS
i see it’s patched to v3.3 but was the security issue resolved?
Forum: Plugins
In reply to: [Page-list] Vulnerability in version 5.8
“Reported by zaim
30 Jul 2025”
You guys were notified back in July???
It’s still vulnerable in 2.0.9.6 – https://patchstack.com/database/wordpress/plugin/master-addons/vulnerability/wordpress-master-addons-plugin-2-0-6-6-cross-site-scripting-xss-vulnerability?_a_id=350
@moderator This is still the same issue, it just hasn’t been patched for the last couple versions. This is to indicate that this issue is NOT resolved. It’s the same thing as what @charlespage posted on this very ticket to notify the developer. Not trying to discuss a separate topic, just continue this existing topic.
While it does help to resave all settings, it should be more cautious in how it’s checking for variables. Use isset() or array_key_exists() to determine if an entry exists, otherwise it will throw a warning. Thanks.
@wfpeter trying one last time before starting another thread
@wfpeter tagging you just in case you didn’t see my previous reply.
any idea when the update will be released so i can test it out? If it could just even do a simple search in posts for a URL that would probably increase the accuracy a ton. i don’t know what it does now, but I got a ton of false positives just searching using the built-in wordpress feature. looking forward to a patch!
- “Debugging Options” – already checked
- “Start scan remotely” – already unchecked
- Left the other settings the same from the previous test
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/modern-events-calendar-lite/app/api/addons-api/mec-extra-content/social-poster-addon.svg (Size: 4.42 KB Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/updraftplus/includes/handlebars/handlebars.runtime.js (Size: 73.17 KB Mem: 34 MB)
[Dec 12 10:25:00] Scanned contents of 5985 additional files at 21.56 per second
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/elementor-pro/modules/display-conditions/conditions/base/date-condition-base.php (Size: 2.45 KB Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/modern-events-calendar-lite/app/api/Twilio/Rest/Chat/V2/Service/User/UserBindingOptions.php (Size: 2.66 KB Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/elementor-pro/core/app/assets/js/ui/connect-button.js (Size: 956 B Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/modern-events-calendar-lite/app/api/Twilio/Rest/Preview/Sync/ServiceInstance.php (Size: 5.51 KB Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/modern-events-calendar-lite/app/api/Twilio/Rest/FrontlineApi/V1/UserPage.php (Size: 1.57 KB Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/elementor-pro/vendor_prefixed/php-di/phpdoc-reader/src/PhpDocReader/AnnotationException.php (Size: 197 B Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/modern-events-calendar-lite/app/core/puc/Puc/v4p11/DebugBar/Panel.php (Size: 5.17 KB Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/updraftplus/addons/morefiles.php (Size: 56.17 KB Mem: 34 MB)
[Dec 12 10:25:00] Scanning contents: wp-content/plugins/updraftplus/vendor/composer/autoload_real.php (Size: 1.58 KB Mem: 34 MB)
[Dec 12 10:25:01] Forking during malware scan (13068) to ensure continuity.
[Dec 12 10:25:01] Entered fork()
[Dec 12 10:25:01] Calling startScan(true)
[Dec 12 10:25:01] Got value from wf config maxExecutionTime: 20
[Dec 12 10:25:01] getMaxExecutionTime() returning config value: 20
[Dec 12 10:25:01] Cached result for scan start test: true
[Dec 12 10:25:01] Starting cron with normal ajax at URL https://example.com/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=1&scanMode=custom&cronKey=56f6e08ecc008f55025963424dcb5ad6&signature=c81f34a0b2aaa106821bbab03b0ad6106222357ba6b8782aaa2ba0aaece10919
[Dec 12 10:25:04] Scan process ended after forking.
It ends with this message:
Scan Stage Failed A scan stage has failed to start. This is often because the site either cannot make outbound requests or is blocked from connecting to itself. Wordfence will make up to 2 attempts to resume each failed scan stage. This scan may recover if one of these attempts is successful. Click here for steps you can try.
The only error messages are from a known bug i reported to Elementor already ( https://github.com/elementor/elementor/issues/25836 ):
[12-Dec-2024 13:11:37 UTC] PHP Warning: Attempt to read property "ID" on null in /chroot/home/html/wp-content/plugins/elementor-pro/modules/posts/skins/skin-content-base.php on line 226
[12-Dec-2024 13:11:37 UTC] PHP Warning: Attempt to read property "ID" on null in /chroot/home/html/wp-content/plugins/elementor-pro/modules/posts/skins/skin-content-base.php on line 233
[12-Dec-2024 13:11:37 UTC] PHP Warning: Attempt to read property "ID" on null in /chroot/home/html/wp-content/plugins/elementor-pro/modules/posts/skins/skin-content-base.php on line 238
[12-Dec-2024 13:11:37 UTC] PHP Warning: Attempt to read property "ID" on null in /chroot/home/html/wp-content/plugins/elementor-pro/modules/posts/skins/skin-content-base.php on line 244
[12-Dec-2024 13:11:37 UTC] PHP Warning: Attempt to read property "ID" on null in /chroot/home/html/wp-content/plugins/elementor-pro/modules/posts/skins/skin-content-base.php on line 250
[12-Dec-2024 13:11:37 UTC] PHP Warning: Attempt to read property "ID" on null in /chroot/home/html/wp-content/plugins/elementor-pro/modules/posts/skins/skin-content-base.php on line 271
I did a test run:
– “Maximum execution time for each scan stage” was already set to 20 so that was no change
– WP_MEMORY_LIMIT – I set this to 256M
– max_execution_time – I set this to 60
Did a scan with the execution time to 60, it failed. Did a scan with both the execution time and memory limit set, failed again. This is with all plugins updated and wordpress on 6.7.1 and wordfence on 8.0.1. Let me know if you want me to try anything else.
@wfpeter Thanks for following up, honestly it’s hard juggling support tickets with lots of different vendors, especially during the holidays i kinda lost track of this. I’ll give those a shot and let you know if i make any progress.