Home Forums Newsletter Plugin Support Security plugin alert me on a Malicious file

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #27502

    Wordfence Security alerts me on a suspected malicious file in newsletter folder.

    This happen after I updated the newsletter plugin yesterday.

    this is the message:

    File appears to be malicious: wp-content/plugins/newsletter/js/ace/mode-php.js
    Filename: wp-content/plugins/newsletter/js/ace/mode-php.js
    File type: Not a core, theme or plugin file.
    Issue first detected: 10 hours 45 mins ago.
    Severity: Critical
    Status New
    This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “EvalError|InternalError|RangeError|ReferenceError|StopIteration|SyntaxError|TypeError|URIError|decodeURI|decodeURIComponent|encodeURI|encodeURIComponent|eval|isFinite|isNaN|parseFloat|parseInt|JSON|Ma…”. The infection type is: Suspicious eval with base64 decode..

    is this safe otherwise i will delete the entire plugin.

    Thank you.


    Already contacted wordfence, this is a false positive since the ace library is ok and they’re aware of it.


Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.