Suspicious code signatures found with $_GET

  • Resolved codemine

    (@codemine)


    6 years, 9 months ago

    Any idea why the plugin identifies in one of my plugins the $_GET function as suspicious code signature?

    In other lines of code, the error Suspicious code instruction found comes up with call_user_func.

Viewing 1 replies (of 1 total)
  • Plugin Author gioni

    (@gioni)

    6 years, 9 months ago

    Improper sanitization of the $_GET variable can lead to a serious vulnerability also $_GET can be used by malware or backdoors. The call_user_func function is not safe by itself and again can be used by malware or backdoors. The plugin displays warnings because a website owner should be aware of where threats come from. If you’re developing a plugin, use the ignore list.

Viewing 1 replies (of 1 total)

The topic ‘Suspicious code signatures found with $_GET’ is closed to new replies.