[Defender Pro] Defender is exaggerating file scan

Hi, pls check, why Defender is warning to use "Postman SMTP" and "MainWP Chid" plugins via File Scanning (https://ad-roulette.com/wp-admin/admin.php?page=wdf-scan). Access is granted … Thank you and kind regards,

Sascha

  • Ash
    • WordPress Hacker

    Hello sushling

    assert function is as same as eval function in php, which can run a string as a function. So it should be avoidable. But note that, scan result is a suggestion, still need human to verify. In your case, if you trust the plugin, or you may ask the plugin author for confirmation and then ignore the warning for this plugin.

    Let us know how it goes. Have a nice day!

    Cheers,

    Ash

  • sascha
    • The Bug Hunter

    Thank you Ash. The weird thing is, that I use both plugins on multiple sites and never been warned before. So now I’d like to forward the report to the plugin-developers in order to check if anything went wrong. But as soon as I click on any of the “Found 3 issues” nothing happens. I don’t get any more details.

    Please check this, as it seems rather a problem with Defender. I have extended support-access already.

    Thank you and kind regards,

    Sascha

  • Kris
    • Support

    Hi sushling

    As Ash he mentioned those could be false positives reports and those need be confirm with plugin author developer.

    As for I don't get any more details please click on each issue and wait a little bit until Defender load full file. Then you should be able to click on each issue and this click will move you in code to correct part which is possibly a false positive.

    Please check below screenshots:

    Before contact with plugins authors I recommend also those steps:

    1. make full site backup

    2. re-upload once again original files from both plugins via ftp to correct folders in /wp-content/plugins/

    3. run new scan in Defender.

    This will confirm does files are infected or they are original coded like that.

    Hope this help :slight_smile:

    Kind Regards,

    Kris

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.