Jetpack finds threats in theme files

  • Member
    July 7, 2020 at 2:08 am #1014

    Problem text found by jetpack:

    This code pattern is often used to run a very dangerous shell programs on your server. The code in these files needs to be reviewed, and possibly cleaned.

    File where the threat was located

    /public_html/wp-content/plugins/wps-framework/functions/helpers.php

    Threatening lines of code (I marked in bold the indicated excerpt)

    69 function WPS_encode_string( $string ) {
    70 return rtrim( strtr( call_user_func( ‘base‘. ‘64‘ .’_encode’, addslashes( gzcompress( serialize( $string ), 9 ) ) ), ‘+/’, ‘-_’ ), ‘=’ );
    71 }

    83 function WPS_decode_string( $string ) {
    84 return unserialize( gzuncompress( stripslashes( call_user_func( ‘base’. ’64’ .’_decode’, rtrim( strtr( $string, ‘-_’, ‘+/’ ), ‘=’ ) ) ) ) );
    85 }

    Sorry, this forum is for verified users only. Please Login or Register to continue

Comments are closed.