All it does is scan your fields for instances of "eval" and "base64_decode" and flags them as severe (both of which are used fairly widely by plugins anyway). It even flags its own readme as being potentially malicious. What a waste of time.
Found a few files that had been hacked. Thanks for finding them.
Great plugin for devs, finds pretty much anything, Wordfence did not!
Keep up the good work Dev!
Used the plugin to discover a few infected files not detected by other security plugins. It works great if you manage to identify the infected files in the loong list. Yes, a lot of the listed files are clean.
it detected core file changes by codes base64_decode('IyBCRUdJTiBXb3JkUHJlc3MKPEl...
I could find some files I didn't catch nor wordfence. I had a very malicious hacker on a website and it was really dirty.
Really too many false positives. So what I'm supposed to do now?
No error message besides the 'Error occurred' message. This is clearly broken, at least for WP multisites.
Must plugin for a WordPress web site. You can use it in combo with kali linux, and build a secure wall to your web site..
After grabbing the latest hash tags from https://github.com/philipjohn/exploit-scanner-hashes, I was able to get this to scan my site. Awesome work!
You must log in to submit a review. You can also log in or register using the form near the top of this page.