Threat Scan Plugin For WordPress

Posted by


This plugin used to scan the content directory as well as the database for any kind of threat.

It searches PHP files for the occurrence of the eval() function, which, although a valuable part of PHP is also the door that hackers use in order to infect systems. The eval() function is avoided by many programmers unless there is a real need.

It is sometimes used by hackers to hide their malicious code or to inject future threats into infected systems. If you find a theme or a plugin that uses the eval() function it is safer to delete it and ask the author to provide a new version that does not use this function.

When scan your system, it undoubtedly see the eval used in javascript because it is used in the javascript AJAX and JSON functionality. The appearance of eval in these cases does not mean that there is a possible threat. It just means that you should inspect the code to make sure that it is in a javascript section and not native PHP.

The plugin continues its scan by checking the database tables for javascript or html where it should not be found.

A clean scan does not mean you are safe. Please do Backups and keep your installation up to date!

Requires WordPress Version: 2.6 or higher

More Details And Download


Shane G.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.