This website uses cookies to personalize your experience. By using this website you agree to our cookie policy.

Security Alert pointing at Ajax Search Pro for WordPress

Home Forums Product Support Forums Ajax Search Pro for WordPress Support Security Alert pointing at Ajax Search Pro for WordPress

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • March 16, 2019 at 1:11 am #21639
    Sasha_Fit_CasuallySasha_Fit_Casually
    Participant

    Hi there,

    We received this alert pointing at Ajax Search Pro:

    Generic.Hidden.Code.2
    This file contains suspicious hidden code, and should be checked for recent changes, or malicious code. Often hackers try to hide their hack attempts by obfuscating their attack code, to make it harder to detect. VaultPress has detected a string of suspicious characters in this file. Please check your backup history for recent changes to this file, or contact a Safekeeper if you are unsure.

    tcpdf_static.php

    /wp-content/plugins/ajax-search-pro/includes/externals/pdf-smalot/tecnickcom/tcpdf/include

    Showing this code:

    public static function getTCPDFProducer() {

    128

    return “\x54\x43\x50\x44\x46\x20”.self::getTCPDFVersion().”\x20\x28\x68\x74\x74\x70\x3a\x2f\x2f\x77\x77\x77\x2e\x74\x63\x70\x64\x66\x2e\x6f\x72\x67\x29″;

    129

    }

    Regards

    Sasha

    March 18, 2019 at 9:33 am #21650
    Ernest MarcinkoErnest Marcinko
    Keymaster

    Hi Sasha,

    That is a false positive, I can confirm. The suspicious file is actually only build of a decoder for PDF documents. You can safely ignore it. For more details you can even check the project, it is open source: TDPDF on github

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.