"Suspicious image file"

This topic contains 2 replies, has 2 voices, and was last updated by  Paul 8 years, 8 months ago.


    Hi Stephen,

    I just had an email from my webhosts informing me that there was a “suspicious image file” on my server which they believed was a security vulnerability.

    Critical – Jan 25 23:07:05 dionysus cxs[49973]: [‘/home/XXXX/wordpress/wp-content/plugins/event-organiser/screenshot-2.jpg’] – Suspicious image file (hidden script file)

    Having examined the file, it is indeed a bit strange as it’s actually a PHP file with a jpg extension. It looks like this:

    > add_action('admin_menu', 'donations_overview_menu');
    > function donations_overview_menu() {
    >     add_options_page('Donations overview', 'Donations overview', 'manage_options', 'donations-overview', 'donations_overview');
    > }
    > function donations_overview() {
    >     if (!current_user_can('manage_options')) {
    >         wp_die( __('You do not have sufficient permissions to access this page.') );
    >     }
    >     echo '';
    >     echo 'Here is where the form would go if I actually had options.';
    >     echo '';
    > }
    > ?>

    I assume it’s safe to delete this file for now?



    Hi Paul,

    Yes, please delete the file. (Screenshots are only ever needed on the repository anyway).

    I’ve looked into what’s happened – and it appears to have been an error on my part (at least it’s present in the GitHub repository) rather than being a hacked copy. The code itself is harmless, but nor are the screenshots necessary.

    I shall fix this in 1.7. Apologies for any inconvenience.

    Stephen Harris

    Thanks. Figured it was likely something like a change management issue. All sorted.
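
As an added example (not part of the original thread, and not the code of the host's scanner), here is one way to check a plugin tree for the condition reported in the first post: a file with an image extension whose content is not an image, or which carries a PHP open tag. The function names, the choice of marker and the three sample files are assumptions constructed for illustration.

```python
import tempfile
from pathlib import Path

IMAGE_MAGIC = {  # leading "magic" bytes expected for each image extension
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
SCRIPT_MARKER = b"<?php"  # assumption: only the PHP open tag is searched for


def check_image(path):
    """Return findings for one file; an empty list means nothing suspicious."""
    path = Path(path)
    magic = IMAGE_MAGIC.get(path.suffix.lower())
    if magic is None:  # not an image extension, outside this check
        return []
    data = path.read_bytes()
    findings = []
    if not data.startswith(magic):
        findings.append("missing image signature")
    if SCRIPT_MARKER in data.lower():  # also catches a valid image with PHP inside
        findings.append("contains PHP open tag")
    return findings


def scan_tree(root):
    """Map each suspicious file (path relative to root) to its findings."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        findings = check_image(path) if path.is_file() else []
        if findings:
            report[str(path.relative_to(root))] = findings
    return report


def demo():
    """Scan three constructed files: a JPEG stub, a PHP file, a polyglot."""
    jpeg = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32 + b"\xff\xd9"
    php = b"<?php add_action('admin_menu', 'donations_overview_menu'); ?>"
    samples = {"screenshot-1.jpg": jpeg, "screenshot-2.jpg": php,
               "screenshot-3.jpg": jpeg[:-2] + php + b"\xff\xd9"}
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            Path(root, name).write_bytes(body)
        return scan_tree(root)
```

Calling `scan_tree()` on a `wp-content` directory returns only the flagged files; a finding says the file deserves a look, not that the code in it is malicious.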
