-
Posts
-
Running malware scan on Enfold theme 3.0.4 today 2/26/2015, we discovered a backdoor script: The script is located in:
wp-content/themes/enfold/framework/php/.function-set-avia-ajax.phpDear Kriesi.at,
Can you please examine this vulnerability?Best Regards,
Will ZellI just noticed that there is a job opening at Kriesi.at for Help Desk person. So perhaps I have a wait ahead of me.
Job description: “Help our customers by answering their support requests in our support forum”Anti-Malware from GOTMLS.NET a plugin that is on the WP site.
Here is an image for you: http://www.btlt.org/wp-content/uploads/2015/02/questionable-script.png
Hi!
It’s most likely a false positive with the scanner your using. This happens quite often with malware scanners, etc. Enfold is used on thousands of websites so if there were any problems we would know about it very quickly. Do you have anymore information on what the scanner said?
We went ahead and flagged this for Kriesi though.
Cheers!
ElliottHello,
To prevent this kind of issues please make sure to have the theme updated to its latest version (3.0.8) + any other plugins you may have.
Best regards,
JosueThank you for this tip. We will continue to keep these themes up to date.
These themes were updated and then the incident occurred. These things just happen is my take on this despite the best intentions of the plugin and theme developer. We all need to have some tolerance that nothing is full-proof and also be sure to have updates of everything just incase we loose our website. Thanks for your help.Hi!
In this case I’m not sure the plugin to scan/check for issues or potential risks has enough weight to warrant any worry.
Most scanning software will flag a few items within the theme even though they are being escaped correctly.
Either way whenever anyone reports a worry/possible issue Kriesi re-checks through the theme and the specific concerns :)
Best regards,
Devin
- The topic ‘New Back Door Script Discovered’ is closed to new replies.