Malware
evgeniyu, 2015-10-03 11:55:30

Can such code be present in a premium WordPress theme?

The antivirus on Beget, aka AI-Bolit, complains about this code:
File path: wp-content/themes/name-theme/functions/meta-functions.php

// GET Sections & Items
  $mfn_items = get_post_meta($post->ID, 'mfn-page-items', true);
  $mfn_tmp_fn = 'base'.'64_decode';
  $mfn_items = unserialize(call_user_func($mfn_tmp_fn, $mfn_items));

File path: /wp-content/plugins/revslider/inc_php/framework/functions.class.php
//validate if some directory is writable, if not - throw a exception
    private static function validateWritable($name,$path,$strList,$validateExists = true){
      
      if($validateExists == true){
        //if the file/directory doesn't exists - throw an error.
        if(file_exists($path) == false)
          throw new Exception("$name doesn't exists");
      }
      else{
        //if the file not exists - don't check. it will be created.
        if(file_exists($path) == false) return(false);
      }
      
      if(is_writable($path) == false){
        chmod($path,0755);		//try to change the permissions
        if(is_writable($path) == false){
          $strType = "Folder";
          if(is_file($path)) $strType = "File";
          $message = "$strType $name is doesn't have a write permissions. Those folders/files must have a write permissions in order that this application will work properly: $strList";					
          throw new Exception($message);
        }
      }
    }

File Path: /wp-admin/plugin-editor.php
<?php
    if ( wp_verify_nonce($_GET['_error_nonce'], 'plugin-activation-error_' . $file) ) { ?>
  <iframe style="border:0" width="100%" height="70px" src="<?php bloginfo('wpurl'); ?>/wp-admin/plugins.php?action=error_scrape&amp;plugin=<?php echo esc_attr($file); ?>&amp;_wpnonce=<?php echo esc_attr($_GET['_error_nonce']); ?>"></iframe>
  <?php } ?>
</div>

1 answer(s)
Nikolai Kovalev, 2015-10-03
@nkmail

Yes, maybe. If the theme is premium and was purchased (not warez), then everything is OK, it passes control. In general, it’s a leftist topic; I have a portal on WordPress that was “infected by type”, also with a premium theme, and only a manual appeal to support in I.webmaster helped.
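An added example, not part of the original thread and not AI-Bolit's actual rules: a minimal Python heuristic for the kind of pattern in the theme snippet from the question, where a function name is assembled from string pieces (`'base'.'64_decode'`), called through `call_user_func`, and its result passed to `unserialize`. The `WATCHED` list and the `scan()` function are assumptions made for this illustration.

```python
import re

# Function names a heuristic scanner might watch for (constructed list for this example).
WATCHED = {"base64_decode", "gzinflate", "str_rot13", "eval", "assert", "create_function"}

STRING = r"""(?:'[^'\\]*'|"[^"\\$]*")"""
# Matches: $var = 'lit' . 'lit' [. 'lit' ...];
ASSIGN = re.compile(r"(\$\w+)\s*=\s*(" + STRING + r"(?:\s*\.\s*" + STRING + r")+)\s*;")
PART = re.compile(STRING)


def scan(php_source):
    """Return findings for watched function names hidden by string concatenation."""
    findings = []
    for m in ASSIGN.finditer(php_source):
        var, expr = m.group(1), m.group(2)
        joined = "".join(p[1:-1] for p in PART.findall(expr))  # strip quotes, join pieces
        if joined.lower() not in WATCHED:
            continue
        line = php_source.count("\n", 0, m.start()) + 1
        rest = php_source[m.end():]
        v = re.escape(var)
        # Is the assembled name then invoked indirectly (call_user_func or $var(...))?
        indirect = re.search(
            r"call_user_func(?:_array)?\s*\(\s*" + v + r"\b|" + v + r"\s*\(", rest)
        # Is the result handed to unserialize()? Worth review if the stored value is attacker-writable.
        feeds = re.search(
            r"unserialize\s*\(\s*(?:call_user_func(?:_array)?\s*\(\s*)?" + v + r"\b", rest)
        findings.append({
            "line": line, "variable": var, "hidden_name": joined,
            "called_indirectly": bool(indirect),
            "feeds_unserialize": bool(feeds),
        })
    return findings


# The theme snippet quoted in the question, plus one constructed benign line for contrast.
SAMPLE = """\
$mfn_items = get_post_meta($post->ID, 'mfn-page-items', true);
$mfn_tmp_fn = 'base'.'64_decode';
$mfn_items = unserialize(call_user_func($mfn_tmp_fn, $mfn_items));
$label = 'Hello, ' . 'world';
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A hit from a heuristic like this marks the file for manual review; it does not by itself show the code is malicious.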
