Security issue with Garland theme?

I received the following automatic email from my cPanel:

“Note: If this is the first time you received this mail, it contains the history for the entire month so far. Below are the recently upload scripts that contain code to send email. You may wish to inspect them to ensure they are not sending out SPAM.

/home/domain/public_html/wp-content/themes/garland/404.php:22: if (get_theme_mod(‘404’:wink:) {

/home/domain/public_html/wp-content/themes/garland/404.php:23: mail($adminemail, “Bad Link To “.$_SERVER,

/home/domain/public_html/wp-content/themes/garland/404.php:24: $failuremess, “From: $websitename <noreply@$website>”:wink:; #email you about problem”

I believe this message refers to the Garland theme from the Farms 133 theme pack. Is there a possibility that this theme could be used to generate spam mail?

Thanks,

Andy

  • Timothy
    • Chief Pigeon

    Hey there.

    It’s just an email letting you know what has been uploaded which could be used to send emails. Are you using full WHM then?

    Anything with the mail() or wp_mail() function can be used to send mail.

    If you upload a fresh version of WordPress it may well bring up some notices there as well.

    The code there appears to mail the admin everytime a 404 page is hit, thus letting the site admin know he has broken links:

    mail($adminemail, "Bad Link To ".$_SERVER['REQUEST_URI'],
    /home/domain/public_html/wp-content/themes/garland/404.php:24: $failuremess, "From: $websitename <noreply@$website>"); #email you about problem"

    Take care.

  • Timothy
    • Chief Pigeon

    Hey again.

    Right, that’s not what the code does as I explained.

    You’ll get the same when using contact plugins, or anything which has the mail function in.

    This includes newsletter type plugins as well.

    You can of course remove the code should you really wish. cPanel is simply reporting that the mail function exists in the code.

    Take care.

  • aristath
    • Recruit

    Hiya, just going through some of the older threads here.

    As it’s been a little while since we last heard from you I thought I’d check in to see how you’re going?

    If you’re still looking for some further assistance with this thread then please feel free to reopen the thread or of course for any new and related issues you are most welcome to open a new thread.

    Thanks.

    Ari.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.