Comments on: WordPress Exploit Scanner 0.1

By: tiara

tiara — Fri, 12 Feb 2010 20:25:52 +0000

thanks for this plugin! I used it for all my blogs and found a few suspicious files. tsk tsk.

By: John

John — Wed, 10 Jun 2009 23:09:35 +0000

I love this plugin. Since my hosting is on linux, I am very stressed out as I don’t know any antivirus solution for this, at least not one that can work with a shared hosting plan. The wordpress exploit scanner just made my life better especially since most of my sites are wordpress powered.

I want to suggest that future versions should have external definition files with malware code and maybe even auto-update features.

By: monn

monn — Wed, 20 May 2009 11:53:05 +0000

Thx for the tip, but it seems that I can’t use grep on my server. (non linux).

weird thing is, your scanner works in IE, no bad scrips found. only in firefox the redirection occurs ??? Could FF be the problem?
Searing for the Russian url gave me a site which probably hosts “free virus scanner software” The one you don’t want…

THX for your time!

By: Donncha

Donncha — Mon, 18 May 2009 14:12:20 +0000

That’s weird, and yes, I’d say you have a problem! If you can login to your server, use “grep” to search through it for that site’s url.

By: monn

monn — Mon, 18 May 2009 14:06:13 +0000

I’m using version 0.3 and when i’m scanning with the “search files onley” ore “files and database” it redirects me to a russian site “http://gpt0. ru/default .cgi”
That site seems to be ofline, but do i have a problem???

“database onley” gives a hoorey

Could you help me?

THX!

By: Most Wanted Wordpress Tips, Tricks and Hacks « Online Free Applications Software Tips Tools Wallpapers

Wed, 22 Apr 2009 08:57:54 +0000

[...] WordPress Exploit Scanner [...]

By: Trojan on this website |

Trojan on this website | — Sat, 04 Apr 2009 19:10:43 +0000

[...] into how you can stop this happening again. There's also a plug-in which can help you scan your Wordpress for exploits. More updates to follow as the investigation [...]

By: Wordpress Autotest: effetti collaterali imprevisti — Il non-blog di Mario Pascucci

Thu, 12 Feb 2009 15:42:21 +0000

[...] plugin assolutamente necessari, ma a questo punto perché non installare un plugin apposito come il Wordpress Exploit Scanner. Faccio notare che il plugin funziona solo con Wordpress 2.5.1 o successivo, perché (cito [...]

By: thanasis

thanasis — Wed, 04 Feb 2009 23:23:37 +0000

hi all i found this after scaner

“style=\”visibility:hidden” => “CSS styling to hide parts of a web page”,
“ShellBOT” => “This may be a script used by hackers to get control of your server.”,
“uname -a” => “Tells a hacker what operating system your server is running”,
“shell_exec” => “Executes a server command like ls, cd, wget, etc. This may be a script used by hackers.”,
“YW55cmVzdWx0cy5uZXQ=” => “Base64 encoded text found in PHP code that redirects visitors from Google.”,
“” => “HTML code used to hide spammy links, but is also legitimate code.”,
“eval(unescape” => “Could be Javascript code used to hide code inserted by a hacker.”,
“String.fromCharCode” => “Javascript code used to hide suspicious code, but can also be legitimate code.”,
‘$_COOKIE["yahg"]‘ => “YAHG Googlerank.info exploit code. See here for further info.”

how can i fix this hacks??
thanks!!

By: 20+ plugin per Wordpress e non solo | Area3000

20+ plugin per Wordpress e non solo | Area3000 — Mon, 27 Oct 2008 06:05:49 +0000

[...] WordPress Exploit Scanner [...]