Known threat after malware scan

Home Forums Support Forum Known threat after malware scan


This topic contains 1 reply, has 2 voices, and was last updated by  Anti-Malware Admin 6 years, 5 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #1995

    Hi Eli,

    Thank you so much for your wonderful plugin.

    I have a question about a scan I ran today.  After running the scan I got the red warning : Known Threat: www/wp-content/plugins/formidable/css/custom_theme.css.php

    I understand I can fix it with your software, but have no idea what the effect could be. Could it affect the forms on my site?
    I posted this question in the formidable forum and there was someone who had the same:

    Could you tell me more about the threat and whether it is safe to fix it with your software? I’m not a coder, so may be it is an impossible question to answer.

    Kind regards,



    Anti-Malware Admin
    Key Master

    Ah, yes, I have seen this before. The problem is that they are using the include function to render the contents of a CSS file. This improper techniques will actually result in the execution of any PHP code found in the CSS file. Hackers commonly exploit this oversight to execute malicious code. If there is no PHP code in that CSS file then you can ignore this threat or whitelist the file if you feel that this plugin is safe for now, but they really need to change that code and use “echo file_get_content” instead of include.

    A stylesheets should never be loaded with the PHP “include” statement. WordPress even has a built-in method called wp_enqueue_style, which is used to safely render CSS content dynamically.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

Comments are closed.