Okay
  Public Ticket #2795617
malicious code pattern
Closed

Comments

  • David started the conversation

    Jetpack has identified malicious code in my YellowPencil plugin.  I'm going to delete plugin, but please advise how to re-establish safely.

    The file yellow-pencil.php contains a malicious code pattern

    Threat found (PHP_Generic_BadPattern_7)

    What was the problem?

    This code pattern is often used to run a very dangerous shell program on your server. The code in these files needs to be reviewed, and possibly cleaned.

    The technical details

    Threat found in file:

    /home/wp_zb4a6c/aimonephoto.com/wp-content/plugins/waspthemes-yellow-pencil/yellow-pencil.php

    3264
    3265
    3266

    function yp_decode($value) {
    $func = 'base64' . '_decode';
    return $func($value);

    Resolving the threat

    Jetpack Scan cannot automatically fix this threat. We suggest that you resolve the threat manually: ensure that WordPress, your theme, and all of your plugins are up to date, and remove the offending code, theme, or plugin from your site.

    If you need more help to resolve this threat, we recommend...


    Attached files:  Screen Shot 2021-06-06 at 5.15.46 PM.png

  •  344
    David replied

    Hi don’t worry about it. It’s false alarm. That function is part of our plugin and it’s responsible for parsing the CSS.

    Best regards,
    WaspThemes team

    And don't forget to rate our plugin, it means a lot to us!

  • David replied

    Is it safe to reinstall then?

  •  344
    David replied

    Yep, totally safe to usesmile.png

    Best regards,
    WaspThemes team

    And don't forget to rate our plugin, it means a lot to us!

  • David replied

    Thanks!

  •  344
    David replied

    You're welcome!

    Best regards,
    WaspThemes team

    And don't forget to rate our plugin, it means a lot to us!