Security Alert pointing at Ajax Search Pro for WordPress

Home Forums Product Support Forums Ajax Search Pro for WordPress Support Security Alert pointing at Ajax Search Pro for WordPress

This topic contains 1 reply, has 2 voices, and was last updated by Ernest Marcinko Ernest Marcinko 5 years ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #21639
    Sasha_Fit_Casually
    Sasha_Fit_Casually
    Participant

    Hi there,

    We received this alert pointing at Ajax Search Pro:

    Generic.Hidden.Code.2
    This file contains suspicious hidden code, and should be checked for recent changes, or malicious code. Often hackers try to hide their hack attempts by obfuscating their attack code, to make it harder to detect. VaultPress has detected a string of suspicious characters in this file. Please check your backup history for recent changes to this file, or contact a Safekeeper if you are unsure.

    tcpdf_static.php

    /wp-content/plugins/ajax-search-pro/includes/externals/pdf-smalot/tecnickcom/tcpdf/include

    Showing this code:

    public static function getTCPDFProducer() {

    128

    return “\x54\x43\x50\x44\x46\x20”.self::getTCPDFVersion().”\x20\x28\x68\x74\x74\x70\x3a\x2f\x2f\x77\x77\x77\x2e\x74\x63\x70\x64\x66\x2e\x6f\x72\x67\x29″;

    129

    }

    Regards

    Sasha

    #21650
    Ernest Marcinko
    Ernest Marcinko
    Keymaster

    Hi Sasha,

    That is a false positive, I can confirm. The suspicious file is actually only build of a decoder for PDF documents. You can safely ignore it. For more details you can even check the project, it is open source: TDPDF on github

    Best,
    Ernest Marcinko

    If you like my products, don't forget to rate them on codecanyon :)


Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.