- This topic has 1 reply, 2 voices, and was last updated 7 years, 1 month ago by
.
-
Posts
-
For some time now, Wordfence has been flagging emember-affiliate-leads.php as malicious. The details from Wordfence are as follows:
File appears to be malicious: wp-content/plugins/emember-affiliate-leads/emember-affiliate-leads.php
Filename: wp-content/plugins/emember-affiliate-leads/emember-affiliate-leads.php
File Type: Not a core, theme or plugin file.
Issue First Detected: 1 day 8 hours ago.
Severity: Critical
Status New
This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “$referrer = $_COOKIE;x0dx0ax09 $buyer_email = $wpdb->escape($fields);x0dx0ax09 $reference = “Level ID: “.$fields;x0dx0ax09x09$buyer_name = $fields.” “.$fields[‘la…”. The infection type is: G212 – variation 2.
Obviously, I can ignore the file in future scans, but I’d rather not use a program that can be considered malicious.
Is there a way to modify the code in affiliate leads to NOT appear to be malicious and resemble a “known malicious file”?
Thanks,
Mark
Your file for that addon looks to have been modified for sure. That addon shouldn’t have anything like the following in there:
x0dx0ax09Please delete that copy of the addon you have and then download a new copy and install it (so the code is refreshed)
- You must be logged in to reply to this topic.