Şüpheli bulduğum şöyle bir kısım var;
wp-admin/includes/class-pclzip.php:4068
Often used to execute malicious code // eval('$v_result = '.$p_options[PCLZIP_CB_PRE_EXTRACT
wp-admin/includes/file.php:1013
Used by malicious scripts to decode previously obscured data/programs $expected_raw_md5 = base64_decode( $expected_md5 );
wp-includes/random_compat/random_bytes_com_dotnet.php:66
Used by malicious scripts to decode previously obscured data/programs $buf .= base64_decode($util->GetRandom($bytes, 0));
wp-includes/class-json.php:22
Often used to execute malicious code * Javascript, and can be directly eval()'ed with no further parsing
wp-includes/class-wp-simplepie-sanitize-kses.php:46
Used by malicious scripts to decode previously obscured data/programs $data = base64_decode( $data );
wp-includes/IXR/class-IXR-message.php:196
Used by malicious scripts to decode previously obscured data/programs $value = base64_decode($this->_currentTagContents);
wp-includes/class-wp-customize-widgets.php:1289
Used by malicious scripts to decode previously obscured data/programs $decoded = base64_decode( $value['encoded_serialized_instance'], true );
wp-includes/js/json2.min.js:1
Often used to execute malicious code eplace(rx_three,"]").replace(rx_four,"")))return j=eval("("+text+")"),"function"==typeof reviver?walk({
wp-includes/js/tw-sack.min.js:1
Often used to execute malicious code is.argumentSeparator)},this.runResponse=function(){eval(this.response)},this.runAJAX=function(a){if(thi
wp-includes/js/tw-sack.js:119
Often used to execute malicious code eval(this.response);
wp-includes/js/jquery/jquery.schedule.js:30
Often used to execute malicious code ctx["func"]=eval("function () { "+ctx["func"]+" }");}
wp-includes/js/jquery/jquery.form.min.js:11
Often used to execute malicious code e?b:null},I=a.parseJSON||function(a){return window.eval("("+a+")")},J=function(b,c,d){var e=b.getRespon
wp-includes/js/plupload/moxie.js:3278
Used by malicious scripts to decode previously obscured data/programs // * example 1: base64_decode('S2V2aW4gdmFuIFpvbm5ldmVsZA==');
wp-includes/js/tinymce/tiny_mce_popup.js:192
Often used to execute malicious code eval(evil);
wp-includes/js/json2.js:504
Often used to execute malicious code j = eval('(' + text + ')');
wp-includes/class-smtp.php:471
Used by malicious scripts to decode previously obscured data/programs $challenge = base64_decode(substr($this->last_reply, 4));
wp-includes/ID3/module.audio.ogg.php:679
Used by malicious scripts to decode previously obscured data/programs $flac->setStringMode(base64_decode($ThisFileInfo_ogg_comments_raw[$i]['value']));
wp-includes/ID3/module.audio.ogg.php:686
Used by malicious scripts to decode previously obscured data/programs $data = base64_decode($ThisFileInfo_ogg_comments_raw[$i]['value']);
wp-includes/class-phpmailer.php:3411
Used by malicious scripts to decode previously obscured data/programs $data = base64_decode($data);
wp-includes/class-snoopy.php:678
Often used to execute malicious code // I didn't use preg eval (//e) since that is only available in PHP 4.0.
wp-includes/SimplePie/Sanitize.php:244
Used by malicious scripts to decode previously obscured data/programs $data = base64_decode($data);
wp-content/plugins/exploit-scanner/readme.txt:114
Often used to execute malicious code * Fixed the eval() check incorrectly matching function names tha