Hi, thank for your great plugin.
I noticed that the plugin find the malicious code but grab good code after.
What i find out.
when the php code is closed and have no RETURN it grab good code afterware.
something like:
lBPSIpKTsg');?><?php
OR
lBPSIpKTsg');?><?
php
But when there is a RETURN it work well and stop at the malicious codes.
lBPSIpKTsg');?>
<?php
Because of that, i had to fix a couple of files manually.
-
This topic was modified 9 years ago by Gino Cote. Reason: bad coding
Which threat was this?
If you can send me the whole code so I can see what threat it’s finding then I can improve that definition so that it stops grabbing the PHP bracks at the end of the line.