[Resolved] WPMU Defender flagging GP files

Home Forums Support WPMU Defender flagging GP files

  • This topic has 5 replies, 3 voices, and was last updated 1 year ago by Tom.
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #953503
    Brian

    Just happened to notice this tonight.

    /wp-content/plugins/gp-premium/elements/class-hooks.php
    /wp-content/plugins/gp-premium/hooks/functions/hooks.php

    both getting flagged with the same line:

    2019-07-09_2022

    #954150
    Tom
    Lead Developer
    Lead Developer

    Hi there,

    eval() can be used for nasty stuff, which is why plugins like that search for it.

    In this case, it’s perfectly safe (and necessary). You can mark both as safe (if that’s an option).

    #954381
    Brian

    Was the eval() always present in the files?

    Just trying to determine if that’s a new GP file or if Defender recently started searching for that.

    I wish Defender would allow a global white/black lists for all sites attached to my account. Strange in only showed up on one site so far also, I use GP and Defender on about 25.

    I will post to the thread if I notice anything noteworthy.

    Thanks as always

    #954430
    Tom
    Lead Developer
    Lead Developer

    It’s always been present in GP Hooks/Elements, as it’s necessary to parse the PHP if executed in the hook.

    #993480
    Sascha

    Same here, as you can see on my screenshot: http://media.macbay.de/_support/gp-premium-warning_2313BD37.png

    Plus: The layout (Header & Footer with GP, Content with Elementor) got corrupted over the weekend, e.g. transparent buttons turned green and some other issues. Only after re-updating from Elementor-editor this original layout returned.

    I will report this issue to WPMUDEV team too and get back here soon. By the way, is it possible to share this thread publicly, so that I can show to WPMUDEV more easily?

    Thank you and kind regards,
    Sascha

    #993899
    Tom
    Lead Developer
    Lead Developer

    This thread is public by default.

    They won’t be able to do anything on their side, as they need to check for the eval() function. In this case, we’re using it as it’s intended to be used, so there’s no need to worry 🙂

Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.