"Suspicious image file"

This topic contains 2 replies, has 2 voices, and was last updated by  Paul 8 years, 8 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #3125

    Hi Stephen,

    I just had an email from my webhosts informing me that there was a “suspicious image file” on my server which they believed was a security vulnerability.

    Critical – Jan 25 23:07:05 dionysus cxs[49973]: [‘/home/XXXX/wordpress/wp-content/plugins/event-organiser/screenshot-2.jpg’] – Suspicious image file (hidden script file)

    Having examined the file, it is indeed a bit strange as it’s actually a PHP file with a jpg extension. It looks like this:

    > add_action(‘admin_menu’, ‘donations_overview_menu’); function
    > donations_overview_menu() {
    > add_options_page(‘Donations overview’, ‘Donations overview’, ‘manage_options’, ‘donations-overview’, ‘donations_overview’);}
    >
    > function donations_overview() {
    > if (!current_user_can(‘manage_options’)) {
    > wp_die( __(‘You do not have sufficient permissions to access this page.’) );
    > }
    > echo ”;
    > echo ‘Here is where the form would go if I actually had options.’;
    > echo ”; }
    >
    > ?>

    I assume it’s safe to delete this file for now?

    Thanks,
    Paul

    Paul
    #3129

    Hi Paul,

    Yes, please delete the file. (Screen shots are only ever needed on the repository anyway).

    I’ve looked into whats happened – and it appears to have been an error on my part (at least its present in the GitHub repository) rather than being a hacked copy. The code itself is harmless, but nor are the screenshots necessary.

    I shall fix this in 1.7. Apologies for any inconvenience.

    Stephen Harris
    #3143

    Thanks. Figured it was likely something like a change management issue. All sorted.

    Paul
Viewing 3 posts - 1 through 3 (of 3 total)
To enable me to focus on Pro customers, only users who have a valid license for the Pro add-on may post new topics or replies in this forum. If you have a valid license, please log-in or register an account using the e-mail address you purchased the license with. If you don't you can purchase one here. Or there's always the WordPress repository forum.