class-pclzip.php

Home Forums BulletProof Security Pro class-pclzip.php

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #24594
    Glasairmell
    Participant

    Wordfence is complaining about this file: class-pclzip.php. Says This file is a PHP executable file and contains the word eval without quotes and the word unpack without quotes. The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. Is all well?

    Thanks

    #24595
    AITpro Admin
    Keymaster

    File: /wp-admin/includes/class-pclzip.php contains this commented out line of old WordPress code below that was replaced 6 years ago. I cannot tell you anymore than that. You would have to ask Wordfence if they are detecting this commented out line of code by mistake and have them fix that bug in Wordfence.
    Code line 4067: // eval('$v_result = '.$p_options[PCLZIP_CB_PRE_EXTRACT].'(PCLZIP_CB_PRE_EXTRACT, $v_local_header);');

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.