quickview.php containing a possible threat?
I have an anti-malware-virus plugin that keeps on detecting an issue with a specific BeTheme file since the last BeTheme versions, the file involved is: /wp-content/themes/betheme/includes/quickview.php
The code part seen as known threat is:
---
<?php
$funname = 'woocommerce_'.$product->get_type().'_add_to_cart';
$funname();
?>
---
Is this correct or just a false positive?
Comments
Hello,
It is just a false positive.
It is a common way to call a function, and I do not know why it would be treated as an issue.
Best regards
Thanks for clearing that!
Maybe because of 'funname' ? :-)
If you tell me a plugin name you are using we take a look at it and test why it reports an issue.
Thanks
Sure, it's https://wordpress.org/plugins/gotmls/
I have used this plugin, and unfortunately (or luckily), it did not detect any issue with this file.
You can ignore it as it does not cause real danger.
But I will keep this plugin on, and if the issue appears, I will take a look at it.
Thanks
Strange that it didn't detect it with you, but luckily indeed.
Or maybe because you used the free version? Or did you make a donation to get the full version working?
But thanks so far, I will ignore the false positive!
I used a free version, but it scanned through all Betheme files.
Thanks