The WordPress theme or plugin you have downloaded might contain malicious codes, hidden affiliate links, link to other websites etc. Problem is that, you can not find out this codes, url by manual checking in to the php codes. They are encrypted. So, in order to identify them, you have to do two things:
- Finding out the bad codes in encrypted format
- Decrypt the encrypted codes in order to remove them
Finding out the bad codes in encrypted format
For this, there is a plugin. It is called Exploit Scanner. Simply install it and run it to detect the codes from your WordPress themes or plugins. They officially says: This script searches through your WordPress install for signs that may indicate that your website has been compromised by hackers. It does NOT remove anything, this is left for the user to do. Keep in mind, not all codes detected are malicious. There are false positive detection too. If you have bought a premium wordpress theme, it might had an evaluation copy; in that case, this plugin will catch “eval” as suspicious code. However, you must go to next step to check them manually. Decrypt the encrypted codes in order to remove them Now, you need to decrypt the suspected malicious codes. For this, go this webpage and simply paste the code in the upper text / code entry area and hit “Decode this mess”. You will get the decoded in human readable form. 
Incoming search terms:
finding exploit in wordpress plugins
Visitors Read This Post Also Read:
- How to install WordPress on Windows 7 to test themes and plugins offline Testing a new theme or plugin for developing them or just for normal usage in...
- 15 Tips to secure your WordPress site Some time ago we had a problem with our WordPress site suffered a little hacking....
- WordPress Plugins to create a glossary in your blog Be faster and more precise, what many bloggers love. Using a glossary is widespread in the...
- Disable all update notifications in WordPress If you no longer wish to receive notifications of updates to your WordPress administration, a...
- Follow the traffic to your WordPress blog with Google Analytics plugin To find the plugin to follow traffic your blog is not easy when you face...
- 5 SEO plugins for WordPress 2011 has just begun and you still have not found your resolution for this new...
- Colorful text boxes plugin to highlight text of your WordPress blog Official page says “Highlights any portion of text as text in the colored boxes.” But...
- Potential risks users must be aware while using third party themes in Windows 7 Despite we post many third party themes or Visual Styles for Windows 7, we have...
- How to configure Feedburner so that it does not affect your SEO? We all know about Google Feedburner. On June 3, 2007, FeedBurner was acquired by Google...
- Management of Gravatars in WordPress A gravatar is a miniaturized image that is associated with an e-mail. Implemented in the...
- Integrate the system of Twitter hashtags in WordPress posts Twitterify is an WordPress plugin extension that allows you to integrate an advanced type Hashtags...
- Create a favicon for your WordPress blog Branding is a very important factor on the web to differentiate yourself from others, to...
- How to change the smilies / emoticons in WordPress WordPress offers a variety of native smilies automatically generated when you enter the shortcut to...
- Change the password of a user via phpMyAdmin WordPress The MySQL database for WordPress stores all user passwords in the table wp_users. With phpMyAdmin,...
- How to Install 3rd party themes in Windows 7 Probably you have seen, there are many third party themes available in different websites, forums....
About Abhishek
