That would reduce the number of false positives by a huge amount, but of course might miss out something.

Working on 1100 to 1150 of 1088 files!
Warning: in_array() [function.in-array]: Wrong datatype for second argument in /www/wp-content/plugins/exploit-scanner/exploit-scanner.php on line 439

I also still get a whole bunch of warnings. I didn’t count, but I guess I got just as many warnings as I did with the production version. I’m still not sure how useful 1400 warnings are, when the few that I analyzed seem to be false positives. I’m trying to figure out how I can actually use the results.

A thought: maybe a feature that compares separate scans would help out. I could install a clean blog and run the scan. I could save the results with a name and date.

Then I could re-run the scanner after I install new plugins or after a certain amount of time passes, saving and renaming these scans, as well. On each scan, I could choose to mark all found items as false positives. On each subsequent scan, I could choose to suppress warnings previously marked as false positives. This way, if I run the scanner regularly or after major events (upgrading WP, installing a new theme or plugin, etc.), I could see a list of only the new warnings.

Or am I simply misunderstanding the purpose of this plugin? How would you go about analyzing a report that includes 1400 warnings?

While it’s scanning you can even open the exploit scanner admin page in another browser tab and see the results that have already been collected.

Thanks for the update. I’d love to install and use this plugin. It seems like a great tool, but 1400 warnings with no easy way to weed out the false positives is daunting. I’m guessing (and hoping) that all 1400 are false positives. That’s about all I can do at the moment, since analyzing each and every one is out of the question — especially when multiplied by several blogs!

I’ll keep an eye on the plugin and look forward to the next update. Keep up the good work!

Paging is working well though, I just need to store the results and present them correctly now!

If I copy the results of the scan to a plain text file, the file is 5496 lines long. That suggests on the order of 1400 messages with one of the following severities: Blocker, Severe, Warning or Note.

I’ve searched for a guide or support that would help me weed out the false positives and determine whether I have any actual vulnerabilities that need attention, but I haven’t found anything yet.

It would take ages to manually check every warning to decide whether it’s an actual hack or not. With no additional help or resources, I have to assume that the exploit scanner is either broken or displays too many false positives to be of any actual use at this time.

I’m in a dilemma ..

It seems that the vast majority of reported issues are actually non-issue ‘heads-ups’. It is hard for me to distinguish these small warnings from actual real security breaches.

Thanks.