sucuri.net caches their scan results. Try their “Re-Scan” button. If it still shows an infection then you can email me with your WP Admin credentials and I’ll find it for you.
Thanks for catching that!
On line 1055 I am reading in the array to be walked from the options table. However, in the case of new installs, there are not any options saved so it returns false instead of an array. This will only happen once after a new install because the default settings will then be saved and returned properly but I have fixed it in my code for the next release.
Thanks for pointing this out to me. Let me know if I can be of any further assistance.
This particular iframe hack may not be identified as a “Known Threat” yet. I would love to catch it for you and add it to my definitions update if you are willing to give me access to your WP Admin. Otherwise, you could look through all the “Potential Threats” to see if it is one of those. if you do find it on your own please let me know what it was so I can add it to the updates.
I just released an update that fixes this issue. The Complete Scan will now reach 100% and report any file or folders that could not be read or opened.
Download version 1.2.10.27 to resolve these issues.
I just released an update that fixes this issue. The Complete Scan will now reach 100% and report any file or folders that could not be read or opened.
Thanks for the followup emails I’m glad the BETA version worked for you.
I just release the finished version of that BETA with a few more tweaks for error handling. You should download 1.2.10.05 and run a Complete Scan again. Let me know if the threats come back again.
It would seem that my plugin is not finding every vulnerability on your site. Are you fixing timthumbs or just known threats? Are you scanning the root of the site or just the plugins directory? Are you an a shared server? Maybe there is another site on your server that is reinfecting you.
Maybe one of the Potential Threats is actually malicious and it is not being detected correctly. Can you send me a list of the Potential Threats?
I updated the definitions file and it fixed this error.
Your site is clean now too!
To see what folders it scanned and what folder it could not scan click on the link “Read 999 Directories”.
The first thing to try is the BETA version 1.2.07.30
http://downloads.wordpress.org/plugin/gotmls.1.2.07.30.zip
I takes longer but effectively skips unreadable directories automatically.
I can’t imagine why your exclude list is not working but I could take a look at it if you want to grant me admin access to your site.
Thanks for reporting this problem. I have only had one other similar report and still need to collect more info on the possible cause. It would help me greatly if you would permit me to login to your WP Admin so I could troubleshoot it directly.
I just release an update that fixes this issue. I upgraded my plugin on your site to the new version 1.2.08.31 and was then able to update the definitions. I also ran a scan on your site and no threats were found 
I just wanted to post another solution for those who are still having this issue. I don’t yet have an absolute fix as there are many different reasons for the scan to get stuck in the middle but I did release a BETA version that effectively skips the problem directories and allows you to fix the threats that are found. It is much slower and it relies on heavy JavaScript that may bog down you browser while scanning but it is my best solution yet for this particular problem.
It is version 1.2.07.30 in the WordPress Repositories and it can be downloaded here:
http://downloads.wordpress.org/plugin/gotmls.1.2.07.30.zip
We have an answer but I’m not satisfied. I want my plugin to work, even on low resource servers. Plus, I’m not convinced that there is not still another reason you cannot post forms in your admin.
I would like to keep trying until I find a way to get it to work on your server if that is ok with you.
Thanks. I got in. I see that the problem on your site extends beyond my plugin. Not only does it prevent my plugin from posting a large amount of data to update the definitions but it also prevents me from using the built in plugin-editor to update my plugin when I tried to modify my plugin to work around this issue. As a test, I also tried to create a test page with a lot of content and save it as a draft but it too failed. Your server appears to break when receiving a large amount of POST data. Has it always been like that or do you think it is a result of getting hacked?
