Jetpack reports "malicious code pattern" in Container.php file

WordPress Event Management, Calendars & Registration Forums Report A Bug Jetpack reports "malicious code pattern" in Container.php file

This topic contains 2 replies, has 2 voices, and was last updated by  Benjamine Heath 11 months, 2 weeks ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #39951


    I received this notification from my Jetpack plugin:

    The file Container.php contains a malicious code pattern
    Threat found (PHP_Generic_BadPattern_5)

    This code pattern is often used to run a very dangerous shell program on your server. The code in these files needs to be reviewed, and possibly cleaned.


    $extended = function ($c) use ($callable, $factory) {
    return $callable($factory($c), $c);

    Can you offer any advice on this?



    Benjamine Heath

    Hi Ben,

    The code is safe, and the warning is a false positive. It comes from the Pimple library which is used by the plug-in to provide dependency injection.

    It appears that Event Organiser isn’t the only plug-in to be caught by this:

    Stephen Harris

    Understood! Thanks for the clarification on this.

    Benjamine Heath
Viewing 3 posts - 1 through 3 (of 3 total)
To enable me to focus on Pro customers, only users who have a valid license for the Pro add-on may post new topics or replies in this forum. If you have a valid license, please log-in or register an account using the e-mail address you purchased the license with. If you don't you can purchase one here. Or there's always the WordPress repository forum.