Anti-Malware Security and Brute-Force Firewall - Version 4.18.71

Version Description

  • Added wp_options table to the db_scan.
  • Fixed a few minor bugs in the db scan quarantine view.
  • Changed some wording and other minor formatting issues.
  • Checked code for compatibility with WP 5.2.1 (latest release).

Release Info

Developer scheeeli
Version 4.18.71

Code changes from version 4.18.69 to 4.18.71

Files changed (3) hide show
  1. images/index.php +137 -27
  2. index.php +41 -34
  3. readme.txt +13 -4
images/index.php CHANGED
@@ -189,7 +189,7 @@ function GOTMLS_Invalid_Nonce($pre = "//Error: ") {
189
  if (!function_exists("GOTMLS_set_nonce")) {
190
  function GOTMLS_set_nonce($context = "NULL") {
191
  $hour = round(($GLOBALS["GOTMLS"]["tmp"]["mt"]/60)/60);
192
- $transient_name = md5(GOTMLS_installation_key.GOTMLS_plugin_path.$hour);
193
  foreach ($GLOBALS["GOTMLS"]["tmp"]["nonce"] as $nonce_key => $nonce_value)
194
  if (($nonce_value > $hour) || (($nonce_value + 24) < $hour))
195
  unset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$nonce_key]);
@@ -511,6 +511,7 @@ function GOTMLS_admin_notices() {
511
  elseif ($GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
512
  echo $GLOBALS["GOTMLS"]["tmp"]["HeadersError"];
513
  }
 
514
 
515
  function GOTMLS_array_recurse($array1, $array2) {
516
  foreach ($array2 as $key => $value) {
@@ -563,6 +564,7 @@ function GOTMLS_loaded() {
563
  $_SESSION["GOTMLS_debug"]=array();
564
  }
565
  }
 
566
 
567
  if (!function_exists("add_action")) {
568
  GOTMLS_loaded();
@@ -797,8 +799,62 @@ function GOTMLS_db_scan($id = 0) {
797
  global $wpdb;
798
  if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
799
  if ($id) {
800
- if (($Q_post = GOTMLS_get_quarantine($id)) && isset($Q_post["post_content"])) {
801
- $path = 'Post ID: '.$Q_post["ID"];
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
802
  $clean_file = $Q_post["post_title"];
803
  $fa = "";
804
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $Q_post["post_content"];
@@ -822,37 +878,37 @@ function GOTMLS_db_scan($id = 0) {
822
  }
823
  } else
824
  $fa = " No Threats Found";
825
- if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && in_array(GOTMLS_encode($id), $_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"] > 0) {
826
  if ($_REQUEST["GOTMLS_fixing"] > 1) {
827
  echo "<li>Removing $path ... ";
828
  $Q_post["post_status"] = "trash";
829
  if (wp_update_post($Q_post)) {
830
  echo __("Done!",'gotmls');
831
- $li_js .= "/*-->*"."/\nDeletedFile('$id');\n/*<!--*"."/";
832
  } else {
833
  echo __("Failed to delete!",'gotmls');
834
- $li_js .= "/*-->*"."/\nfailedFile('$id');\n/*<!--*"."/";
835
  }
836
- GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Content")));
837
  } else {
838
  echo "<li>Fixing $path ... ";
839
  GOTMLS_write_quarantine($Q_post, "db_scan");
840
  $Q_post["post_content"] = $GLOBALS["GOTMLS"]["tmp"]["new_contents"];
841
  if (wp_update_post($Q_post)) {
842
  echo __("Success!",'gotmls');
843
- $li_js .= "/*-->*"."/\nfixedFile('$id');\n/*<!--*"."/";
844
  } else {
845
  echo __("Update Failed!",'gotmls');
846
- $li_js .= "/*-->*"."/\nfailedFile('$id');\n/*<!--*"."/";
847
  }
848
- GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Restoration from Quarantine")));
849
  }
850
  return $li_js;
851
  } else {
852
- return admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."805")).($Q_post["post_type"]=="revision"?'" onsubmit="return confirm(\''.__("Are you sure you want to delete this revision?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="Delete this revision" style="float: right;"><input type="hidden" name="GOTMLS_fix[]" value="'.GOTMLS_encode($Q_post["ID"]):"").'"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>Record Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />last_modified:'.$Q_post["post_modified_gmt"].'<br />post_type:'.$Q_post["post_type"].'<br />author:'.$Q_post["post_author"].'<br />status:'.$Q_post["post_status"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Record Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>';
853
  }
854
  } else
855
- die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists in the posts table.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
856
  } else {
857
  $threats_found = array();
858
  if (!isset($_REQUEST["eli"]))
@@ -865,6 +921,7 @@ function GOTMLS_db_scan($id = 0) {
865
  if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
866
  echo GOTMLS_return_threat("db_scan", "question", (print_r(array("scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("$val Rows", 0));//debug
867
  foreach ($found_row as $frow) {
 
868
  $found = 0;
869
  if ($frow["post_type"] != "revision" || isset($_REQUEST["eli"])) {
870
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $frow["post_content"];
@@ -872,19 +929,52 @@ function GOTMLS_db_scan($id = 0) {
872
  $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
873
  foreach ($scan_regex as $threat_definition)
874
  $found += GOTMLS_preg_match_all($threat_definition, $threat_name);
875
- if ($found && !isset($threats_found['row_id_'.$frow["ID"]])) {
876
- $li_js = GOTMLS_return_threat("db_scan", "threat", "$found $threat_name(\"".str_replace('%', '*', trim($scan_sql, "%")).'") in '.$frow["post_type"]."(".(($frow["post_status"]=='inherit')?$frow["post_parent"]:$frow["post_status"]).'):"'.GOTMLS_htmlspecialchars($frow["post_title"]).'":'.$frow["ID"], '<input type="checkbox" name="GOTMLS_fix[]" id="check_'.$frow["ID"].'" value="'.GOTMLS_encode($frow["ID"]).'" checked="true">'.GOTMLS_error_link(__("View DB Injection",'gotmls'), $frow["ID"], "db_scan"));
877
- if (isset($_REQUEST["eli"]))
878
- echo str_replace($frow["ID"].'</a>', '</a><a target="_blank" title="Edit '.$frow["post_type"].'" href="'.admin_url(($frow["post_type"]=="revision")?'revision.php?revision='.$frow["ID"]:'post.php?action=edit&post='.$frow["ID"]).'">EDIT: '.$frow["ID"].'</a>', $li_js);
879
- else
880
- echo $li_js;
881
- $threats_found['row_id_'.$frow["ID"]] = $threat_name;
882
  } elseif (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
883
  echo GOTMLS_return_threat("db_scan", "question", (print_r(array("post_id"=>$frow["ID"], "scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("No preg_match", 0));//debug
884
  }
885
  }
886
- } elseif (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
887
- echo GOTMLS_return_threat("db_scan", "question", (print_r(array("db_scan"=>$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"], "scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("No Rows", 0));//debug
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
888
  }
889
  }
890
  }
@@ -991,6 +1081,11 @@ function GOTMLS_write_quarantine($file, $className) {
991
  $insert["post_modified_gmt"] = $file["post_modified_gmt"];
992
  $insert["comment_count"] = strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
993
  $file = $file["post_type"].':'.$file["ID"].':"'.$file["post_title"].'"';
 
 
 
 
 
994
  }
995
  $insert["post_title"] = $file;
996
  $insert["post_date"] = date("Y-m-d H:i:s");
@@ -1047,14 +1142,16 @@ function GOTMLS_flush($tag = "") {
1047
  $output = "";
1048
  if (($output = @ob_get_contents()) && strlen(trim($output)) > 18) {
1049
  @ob_clean();
1050
- $output = preg_replace('/\/\*<\!--\*\/.*?\/\*-->\*\//s', "", "$output/*-->*"."/");
 
1051
  echo "$output\n//flushed(".strlen(trim($output)).")\n";
1052
  if ($tag)
1053
  echo "\n</$tag>\n";
1054
  if (@ob_get_length())
1055
  @ob_flush();
1056
  if ($tag)
1057
- echo "<$tag>\n/*<!--*"."/";
 
1058
  }
1059
  }
1060
 
@@ -1154,13 +1251,22 @@ function GOTMLS_strip4java($item, $htmlentities = false) {
1154
  }
1155
 
1156
  function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
1157
- global $post;
1158
  $encoded_file = GOTMLS_encode($file);
1159
- if (is_numeric($file) && isset($post->post_title)) {
 
 
 
 
 
 
 
 
 
1160
  $encoded_file = $file;
1161
- $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine Quarantined Content",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.GOTMLS_strip4java($post->post_title)).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."744").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$file);
1162
  } elseif ($file)
1163
- $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine Current Content",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.GOTMLS_htmlspecialchars(GOTMLS_strip4java($file), ENT_NOQUOTES)).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."746").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$encoded_file.preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:""));
1164
  else
1165
  $onclick = 'return false;';
1166
  return "<a id=\"list_$encoded_file\" title=\"$errorTXT\" target=\"GOTMLS_iFrame\" onclick=\"$onclick\" class=\"GOTMLS_plugin $class\">";
@@ -1227,6 +1333,8 @@ function GOTMLS_scandir($dir) {
1227
  echo GOTMLS_return_threat("skipped", "blocked", $path, GOTMLS_error_link(sprintf(__('Skipped because of file size (%1$s bytes) or file extention (%2$s)!','gotmls'), $filesize, $file_ext), $file, "potential"));
1228
  else
1229
  echo "/*-->*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java($path)."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
 
 
1230
  }
1231
  }
1232
  echo GOTMLS_return_threat("dir", "question", $dir);
@@ -1242,6 +1350,8 @@ function GOTMLS_scandir($dir) {
1242
  } else {
1243
  GOTMLS_check_file($path);
1244
  }
 
 
1245
  }
1246
  }
1247
  echo GOTMLS_return_threat("dir", "checked", $dir);
189
  if (!function_exists("GOTMLS_set_nonce")) {
190
  function GOTMLS_set_nonce($context = "NULL") {
191
  $hour = round(($GLOBALS["GOTMLS"]["tmp"]["mt"]/60)/60);
192
+ $transient_name = md5(substr(number_format(microtime(true), 9, '-', '/'), 6).GOTMLS_installation_key.GOTMLS_plugin_path);
193
  foreach ($GLOBALS["GOTMLS"]["tmp"]["nonce"] as $nonce_key => $nonce_value)
194
  if (($nonce_value > $hour) || (($nonce_value + 24) < $hour))
195
  unset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$nonce_key]);
511
  elseif ($GLOBALS["GOTMLS"]["tmp"]["HeadersError"])
512
  echo $GLOBALS["GOTMLS"]["tmp"]["HeadersError"];
513
  }
514
+ add_action("admin_notices", "GOTMLS_admin_notices");
515
 
516
  function GOTMLS_array_recurse($array1, $array2) {
517
  foreach ($array2 as $key => $value) {
564
  $_SESSION["GOTMLS_debug"]=array();
565
  }
566
  }
567
+ add_action("plugins_loaded", "GOTMLS_loaded");
568
 
569
  if (!function_exists("add_action")) {
570
  GOTMLS_loaded();
799
  global $wpdb;
800
  if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
801
  if ($id) {
802
+ $encoded_id = GOTMLS_encode($id);
803
+ $ids = explode(".", $id.'.');
804
+ if (count($ids) > 2 && 'tbl'.$ids[1] == 'tbl1' && is_numeric($ids[0]) && ($Q_post = $wpdb->get_row("SELECT * FROM `$wpdb->options` WHERE `option_id` = ".$ids[0], ARRAY_A))) {
805
+ $path = 'Option ID: '.$Q_post["option_id"];
806
+ $clean_file = $Q_post["option_name"];
807
+ $fa = "";
808
+ $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $Q_post["option_value"];
809
+ $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = ($Q_post["option_value"]);
810
+ $found = 0;
811
+ $GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
812
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"] as $scan_sql => $scan_regex) {
813
+ $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
814
+ $threat_name = array_shift($scan_regex);
815
+ while ($threat_definition = array_shift($scan_regex))
816
+ $found += GOTMLS_preg_match_all($threat_definition, $threat_name);
817
+ }
818
+ if (isset($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["threats_found"]) && count($GLOBALS["GOTMLS"]["tmp"]["threats_found"])) {
819
+ $f = 1;
820
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["threats_found"] as $threats_found => $threats_name) {
821
+ list($start, $end, $junk) = explode("-", "$threats_found--", 3);
822
+ if ($start > $end)
823
+ $fa .= 'ERROR['.($f++).']: Threat_size{'.$threats_found.'} Content_size{'.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'}';
824
+ else
825
+ $fa .= ' <a title="'.GOTMLS_htmlspecialchars($threats_name).'" href="javascript:select_text_range(\'ta_file\', '.$start.', '.$end.');">['.$f++.']</a>';
826
+ }
827
+ } else
828
+ $fa = " No Threats Found";
829
+ if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && in_array($encoded_id, $_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"] > 0) {
830
+ GOTMLS_write_quarantine($Q_post, "db_scan");
831
+ if ($_REQUEST["GOTMLS_fixing"] > 1) {
832
+ echo "<li>Removing $path ... ";
833
+ if ($wpdb->query("DELETE FROM `$wpdb->options` WHERE `option_id` = ".$Q_post["option_id"])) {
834
+ echo __("Done!",'gotmls');
835
+ $li_js .= "/*-->*"."/\nDeletedFile('$encoded_id');\n/*<!--*"."/";
836
+ } else {
837
+ echo __("Failed to delete!",'gotmls');
838
+ $li_js .= "/*-->*"."/\nfailedFile('$encoded_id');\n/*<!--*"."/";
839
+ }
840
+ GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal of Option")));
841
+ } else {
842
+ echo "<li>Fixing $path ... ";
843
+ if ($wpdb->update($wpdb->options, array("option_value" => $GLOBALS["GOTMLS"]["tmp"]["new_contents"]), array('option_id' => $Q_post["option_id"]))) {
844
+ echo __("Success!",'gotmls');
845
+ $li_js .= "/*-->*"."/\nfixedFile('$encoded_id');\n/*<!--*"."/";
846
+ } else {
847
+ echo __("Update Failed!",'gotmls');
848
+ $li_js .= "/*-->*"."/\nfailedFile('$encoded_id');\n/*<!--*"."/";
849
+ }
850
+ GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Option")));
851
+ }
852
+ return $li_js;
853
+ } else {
854
+ return admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."853")).'" onsubmit="return confirm(\''.__("Are you sure you want to delete this option?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="Delete this Option" style="float: right;"><input type="hidden" name="GOTMLS_fix[]" value="'.$encoded_id.'"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>Record Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Record Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>';
855
+ }
856
+ } elseif (($Q_post = GOTMLS_get_quarantine($ids[0])) && isset($Q_post["post_content"])) {
857
+ $path = $Q_post["post_type"].' ID: '.$Q_post["ID"];
858
  $clean_file = $Q_post["post_title"];
859
  $fa = "";
860
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $Q_post["post_content"];
878
  }
879
  } else
880
  $fa = " No Threats Found";
881
+ if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && in_array($encoded_id, $_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"] > 0) {
882
  if ($_REQUEST["GOTMLS_fixing"] > 1) {
883
  echo "<li>Removing $path ... ";
884
  $Q_post["post_status"] = "trash";
885
  if (wp_update_post($Q_post)) {
886
  echo __("Done!",'gotmls');
887
+ $li_js .= "/*-->*"."/\nDeletedFile('$encoded_id');\n/*<!--*"."/";
888
  } else {
889
  echo __("Failed to delete!",'gotmls');
890
+ $li_js .= "/*-->*"."/\nfailedFile('$encoded_id');\n/*<!--*"."/";
891
  }
892
+ GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal of Revision")));
893
  } else {
894
  echo "<li>Fixing $path ... ";
895
  GOTMLS_write_quarantine($Q_post, "db_scan");
896
  $Q_post["post_content"] = $GLOBALS["GOTMLS"]["tmp"]["new_contents"];
897
  if (wp_update_post($Q_post)) {
898
  echo __("Success!",'gotmls');
899
+ $li_js .= "/*-->*"."/\nfixedFile('$encoded_id');\n/*<!--*"."/";
900
  } else {
901
  echo __("Update Failed!",'gotmls');
902
+ $li_js .= "/*-->*"."/\nfailedFile('$encoded_id');\n/*<!--*"."/";
903
  }
904
+ GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Removal from Content")));
905
  }
906
  return $li_js;
907
  } else {
908
+ return admin_url('admin-ajax.php?'.GOTMLS_set_nonce(__FUNCTION__."905")).($Q_post["post_type"]=="revision"?'" onsubmit="return confirm(\''.__("Are you sure you want to delete this revision?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="Delete this revision" style="float: right;"><input type="hidden" name="GOTMLS_fix[]" value="'.$encoded_id:"").'"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>Record Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />last_modified:'.$Q_post["post_modified_gmt"].'<br />post_type:'.$Q_post["post_type"].'<br />author:'.$Q_post["post_author"].'<br />status:'.$Q_post["post_status"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Record Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.GOTMLS_htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>';
909
  }
910
  } else
911
+ die(GOTMLS_html_tags(array("html" => array("body" => __("This record no longer exists.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
912
  } else {
913
  $threats_found = array();
914
  if (!isset($_REQUEST["eli"]))
921
  if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
922
  echo GOTMLS_return_threat("db_scan", "question", (print_r(array("scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("$val Rows", 0));//debug
923
  foreach ($found_row as $frow) {
924
+ $encoded_id = GOTMLS_encode($frow["ID"].'.0');
925
  $found = 0;
926
  if ($frow["post_type"] != "revision" || isset($_REQUEST["eli"])) {
927
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $frow["post_content"];
929
  $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
930
  foreach ($scan_regex as $threat_definition)
931
  $found += GOTMLS_preg_match_all($threat_definition, $threat_name);
932
+ if ($found && !isset($threats_found['row_id_'.$encoded_id])) {
933
+ $li_js = GOTMLS_return_threat("db_scan", "threat", "$found $threat_name(\"".str_replace('%', '*', trim($scan_sql, "%")).'") in '.$frow["post_type"]."(".(($frow["post_status"]=='inherit')?$frow["post_parent"]:$frow["post_status"]).'):"'.GOTMLS_htmlspecialchars($frow["post_title"]).'":'.$frow["ID"], '<input type="checkbox" name="GOTMLS_fix[]" id="check_'.$encoded_id.'" value="'.$encoded_id.'" checked="true">'.GOTMLS_error_link(__("View DB Injection",'gotmls'), $frow["ID"].'.0', "db_scan"));
934
+ //if (isset($_REQUEST["eli"]))
935
+ echo str_replace($frow["ID"].'</a>', '</a><a target="_blank" title="Open '.$frow["post_type"].'" href="'.admin_url(($frow["post_type"]=="revision")?'revision.php?revision='.$frow["ID"].'">View Revision: ':'post.php?action=edit&post='.$frow["ID"].'">Edit '.$frow["post_type"].': ').$frow["ID"].'</a>', $li_js);
936
+ //else echo $li_js;
937
+ $threats_found['row_id_'.$encoded_id] = $threat_name;
 
938
  } elseif (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
939
  echo GOTMLS_return_threat("db_scan", "question", (print_r(array("post_id"=>$frow["ID"], "scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("No preg_match", 0));//debug
940
  }
941
  }
942
+ }
943
+ if (($found_row = $wpdb->get_results(preg_replace('/\{[a-f0-9]{64}\}/', '%', $wpdb->prepare("SELECT * FROM `$wpdb->options` WHERE `option_value` LIKE %s", $scan_sql)), ARRAY_A)) && is_array($found_row) && count($found_row)) {
944
+ $val = count($found_row);
945
+ if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
946
+ echo GOTMLS_return_threat("db_scan", "question", (print_r(array("scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("$val Rows", 0));//debug
947
+ foreach ($found_row as $frow) {
948
+ $encoded_id = GOTMLS_encode($frow["option_id"].'.1');
949
+ $found = 0;
950
+ $opt_val = maybe_unserialize($frow["option_value"]);
951
+ if (is_array($opt_val)) {
952
+ $GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
953
+ $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
954
+ foreach ($scan_regex as $threat_definition)
955
+ foreach ($opt_val as $GLOBALS["GOTMLS"]["tmp"]["file_contents"])
956
+ $found += GOTMLS_preg_match_all($threat_definition, $threat_name);
957
+ if ($found && !isset($threats_found['row_id_'.$encoded_id])) {
958
+ $li_js = GOTMLS_return_threat("db_scan", "threat", "$found $threat_name(\"".str_replace('%', '*', trim($scan_sql, "%")).'") in '."$wpdb->options:".GOTMLS_htmlspecialchars($frow["option_name"]).'":'.$frow["option_id"].'.1', '<input type="checkbox" name="GOTMLS_fix[]" id="check_'.$encoded_id.'" value="'.$encoded_id.'" checked="true">'.GOTMLS_error_link(__("View DB Injection",'gotmls'), $frow["option_id"].'.1', "db_scan"));
959
+ echo $li_js;
960
+ $threats_found['row_id_'.$encoded_id] = $threat_name;
961
+ } elseif (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
962
+ echo GOTMLS_return_threat("db_scan", "question", (print_r(array("post_id"=>$frow["ID"], "scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("No preg_match", 0));//debug
963
+ } else {
964
+ $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $opt_val;
965
+ $GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
966
+ $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
967
+ foreach ($scan_regex as $threat_definition)
968
+ $found += GOTMLS_preg_match_all($threat_definition, $threat_name);
969
+ if ($found && !isset($threats_found['row_id_'.$encoded_id])) {
970
+ $li_js = GOTMLS_return_threat("db_scan", "threat", "$found $threat_name(\"".str_replace('%', '*', trim($scan_sql, "%")).'") in '."$wpdb->options:".GOTMLS_htmlspecialchars($frow["option_name"]).'":'.$frow["option_id"].'.1', '<input type="checkbox" name="GOTMLS_fix[]" id="check_'.$encoded_id.'" value="'.$encoded_id.'" checked="true">'.GOTMLS_error_link(__("View DB Injection",'gotmls'), $frow["option_id"].'.1', "db_scan"));
971
+ echo $li_js;
972
+ $threats_found['row_id_'.$encoded_id] = $threat_name;
973
+ } elseif (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
974
+ echo GOTMLS_return_threat("db_scan", "question", (print_r(array("post_id"=>$frow["ID"], "scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("No preg_match", 0));//debug
975
+ }
976
+ }
977
+ }
978
  }
979
  }
980
  }
1081
  $insert["post_modified_gmt"] = $file["post_modified_gmt"];
1082
  $insert["comment_count"] = strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
1083
  $file = $file["post_type"].':'.$file["ID"].':"'.$file["post_title"].'"';
1084
+ } elseif (isset($file["option_id"]) && is_numeric($file["option_id"])) {
1085
+ $insert["post_modified"] = date("Y-m-d H:i:s");
1086
+ $insert["post_modified_gmt"] = date("Y-m-d H:i:s");
1087
+ $insert["comment_count"] = strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
1088
+ $file = $wpdb->options.':'.$file["option_id"].':"'.$file["option_name"].'"';
1089
  }
1090
  $insert["post_title"] = $file;
1091
  $insert["post_date"] = date("Y-m-d H:i:s");
1142
  $output = "";
1143
  if (($output = @ob_get_contents()) && strlen(trim($output)) > 18) {
1144
  @ob_clean();
1145
+ if (!(isset($_GET["eli"]) && $_GET["eli"] == "debug"))
1146
+ $output = preg_replace('/\/\*<\!--\*\/.*?\/\*-->\*\//s', "", "$output/*-->*"."/");
1147
  echo "$output\n//flushed(".strlen(trim($output)).")\n";
1148
  if ($tag)
1149
  echo "\n</$tag>\n";
1150
  if (@ob_get_length())
1151
  @ob_flush();
1152
  if ($tag)
1153
+ echo "<$tag>\n";
1154
+ echo "/*<!--*"."/";
1155
  }
1156
  }
1157
 
1251
  }
1252
 
1253
  function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
1254
+ global $post, $wpdb;
1255
  $encoded_file = GOTMLS_encode($file);
1256
+ $ids = explode(".", $file.'.');
1257
+ if (isset($post->post_title))
1258
+ $js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($post->post_title, ENT_NOQUOTES));
1259
+ elseif (count($ids) > 2 && 'tbl'.$ids[1] == 'tbl1' && is_numeric($ids[0]))
1260
+ $js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($wpdb->get_var("SELECT CONCAT('option', `option_id`, ': ', `option_name`) FROM `$wpdb->options` WHERE `option_id` = ".$ids[0]), ENT_NOQUOTES));
1261
+ elseif (count($ids) > 2 && 'tbl'.$ids[1] == 'tbl0' && is_numeric($ids[0]))
1262
+ $js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($wpdb->get_var("SELECT CONCAT(`post_type`, `ID`, ': ', `post_title`) FROM `$wpdb->posts` WHERE `ID` = ".$ids[0]), ENT_NOQUOTES));
1263
+ else
1264
+ $js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($file, ENT_NOQUOTES));
1265
+ if (count($ids) == 2 && is_numeric($ids[0])) {
1266
  $encoded_file = $file;
1267
+ $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine Quarantined Content",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.$js_file).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1263").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$file);
1268
  } elseif ($file)
1269
+ $onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.__("Examine Current Content",'gotmls').' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.$js_file).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1265").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$encoded_file.preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:""));
1270
  else
1271
  $onclick = 'return false;';
1272
  return "<a id=\"list_$encoded_file\" title=\"$errorTXT\" target=\"GOTMLS_iFrame\" onclick=\"$onclick\" class=\"GOTMLS_plugin $class\">";
1333
  echo GOTMLS_return_threat("skipped", "blocked", $path, GOTMLS_error_link(sprintf(__('Skipped because of file size (%1$s bytes) or file extention (%2$s)!','gotmls'), $filesize, $file_ext), $file, "potential"));
1334
  else
1335
  echo "/*-->*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java($path)."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
1336
+ } elseif (is_dir($path)) {
1337
+ echo "/*-->*"."/\n//sub-directory $path;\n/*<!--*"."/";
1338
  }
1339
  }
1340
  echo GOTMLS_return_threat("dir", "question", $dir);
1350
  } else {
1351
  GOTMLS_check_file($path);
1352
  }
1353
+ } elseif (is_dir($path)) {
1354
+ $li_js .= "/*-->*"."/\n//sub-directory $path;\n/*<!--*"."/";
1355
  }
1356
  }
1357
  echo GOTMLS_return_threat("dir", "checked", $dir);
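Review bot: In the new `wp_options` loop of GOTMLS_db_scan (new lines 943–977), `maybe_unserialize($frow["option_value"])` deserializes rows that were selected because they matched a threat pattern, so the scanner runs PHP object deserialization on content it already suspects is attacker-written. Matching against the raw column avoids that and also covers nested values, which the `is_array` branch only iterates one level deep: `$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $frow["option_value"];`; if decoding is really needed, `unserialize($frow["option_value"], array("allowed_classes" => false))` on PHP 7+ keeps classes from being instantiated. The two debug branches in this loop still read `$frow["ID"]`, which option rows do not have; they should use `$frow["option_id"]`. The option lookups added elsewhere in this file (new lines 804, 1260, 1262) concatenate `$ids[0]` into SQL behind `is_numeric()` only, and passing it through `$wpdb->prepare()` with a `%d` placeholder would be the safer form. GOTMLS_db_scan starts before and ends after the lines shown.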
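--- a/index.php
+++ b/index.php
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
  Contributors: scheeeli, gotmls
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
- Version: 4.18.69
+ Version: 4.18.71
  */
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
  include(dirname(__FILE__)."/safe-load/index.php");
@@ -65,6 +65,8 @@ function GOTMLS_menu() {
  add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.(($Qs = GOTMLS_get_quarantine(true))?' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>':""), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-View-Quarantine", "GOTMLS_View_Quarantine");
  }
  }
+ add_action("admin_menu", "GOTMLS_menu");
+ add_action("network_admin_menu", "GOTMLS_menu");
 
  function GOTMLS_admin_add_help_tab() {
  $screen = get_current_screen();
@@ -661,12 +663,21 @@ function GOTMLS_get_quarantine($only = false) {
  }
  $link = GOTMLS_error_link(__("View current/live version",'gotmls'), $post->post_title, $threat);
  } elseif (is_array($postdb = explode(":", $post->post_title.":")) && count($postdb) > 3 && is_numeric($postdb[1])) {
- $link = '<a target="_blank" href="';
- if ("revision" == $postdb[0])
- $link .= admin_url('revision.php?revision='.$postdb[1])."\" title=\"View this revision";
- else
- $link .= admin_url('post.php?action=edit&post='.$postdb[1])."\" title=\"View current ".$postdb[0];
- $link .= "\" id=\"list_edit_$postdb[1]\" class=\"GOTMLS_plugin $threat\">";
+ if ("options" == substr($postdb[0], -7)) {
+ if ($opt_row = $wpdb->get_row("SELECT * FROM `$wpdb->options` WHERE `option_id` = ".$postdb[0], ARRAY_A))
+ $link = GOTMLS_error_link(__("View Option Record: ",'gotmls').$postdb[1], $postdb[1].'.1', $threat);
+ elseif ($opt_row = $wpdb->get_row($SQL = $wpdb->prepare("SELECT * FROM `$wpdb->options` WHERE `option_name` LIKE %s", trim($postdb[2], '"')), ARRAY_A))
+ $link = GOTMLS_error_link(__("View Option Record: ",'gotmls').htmlspecialchars($postdb[2]), $opt_row["option_id"].'.1', $threat);
+ else
+ $link = GOTMLS_error_link(__("View Quarantine Record",'gotmls'), $post->ID, $threat);
+ } else {
+ $link = '<a target="_blank" href="';
+ if ("revision" == $postdb[0])
+ $link .= admin_url('revision.php?revision='.$postdb[1])."\" title=\"View this revision";
+ else
+ $link .= admin_url('post.php?action=edit&post='.$postdb[1])."\" title=\"View current ".$postdb[0];
+ $link .= "\" id=\"list_edit_$postdb[1]\" class=\"GOTMLS_plugin $threat\">";
+ }
  }
  $Q_Page .= '
  <li id="GOTMLS_quarantine_'.$post->ID.'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Quarantine Record",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span class="GOTMLS_date">'.$post->post_modified_gmt.'</span><input type="checkbox" name="GOTMLS_fix[]" value="'.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.str_replace($root_path, "...", $post->post_title)."</a></li>\n";
@@ -685,7 +696,7 @@ function GOTMLS_get_quarantine($only = false) {
  }
 
  function GOTMLS_View_Quarantine() {
- GOTMLS_update_definitions();
+ GOTMLS_ajax_auto_update();
  $echo = GOTMLS_box($Q_Page = __("White-lists",'gotmls'), GOTMLS_get_whitelists());
  if (!isset($_GET['Whitelists']))
  $echo .= "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
@@ -696,7 +707,7 @@ function GOTMLS_View_Quarantine() {
 
  function GOTMLS_Firewall_Options() {
  global $current_user, $wpdb, $table_prefix;
- GOTMLS_update_definitions();
+ GOTMLS_ajax_auto_update();
  GOTMLS_display_header();
  $GOTMLS_nonce_found = GOTMLS_get_nonce();
  $gt = ">";
@@ -877,7 +888,7 @@ function GOTMLS_get_registrant($you) {
  return $registrant;
  }
 
- function GOTMLS_update_definitions() {
+ function GOTMLS_ajax_auto_update() {
  global $wpdb;
  $GOTMLS_definitions_versions = array();
  $user_info = array();
@@ -1011,14 +1022,13 @@ if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
  if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) && strlen($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"]) == 32)
  $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&def[you]=".$GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["you"]["user_email"];
  }
- add_action('wp_ajax_GOTMLS_auto_update', 'GOTMLS_update_definitions');
 
  function GOTMLS_settings() {
  global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
  $GOTMLS_scan_groups = array();
  $gt = ">";
  $lt = "<";
- GOTMLS_update_definitions();
+ GOTMLS_ajax_auto_update();
  if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
  /* removed old code */
@@ -1239,7 +1249,7 @@ function update_status(title, time) {
  timeElapsed += " Second";
  if (timeElapsed.substr(0, 2) != "1 ")
  timeElapsed += "s";
- divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
+ divHTML = \''.$lt.'div align="center" style="vertical-align: middle; background-color: #ccc; z-index: 3; height: 18px; width: 100%; border: solid #000 1px; position: relative; padding: 10px 0;"'.$gt.$lt.'div style="height: 18px; padding: 10px 0; position: absolute; top: 0px; left: 0px; background-color: #\'+scan_state+\'; width: \'+percent+\'%"'.$gt.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; left: 10px; z-index: 5; line-height: 16px;" align="left"'.$gt.'\'+sdir+" Folder"+(sdir==1?"":"s")+" Checked'.$lt.'br /'.$gt.'"+timeElapsed+\' Elapsed'.$lt.'/div'.$gt.$lt.'div style="height: 38px; position: absolute; top: 0px; left: 0px; width: 100%; z-index: 5; line-height: 38px; font-size: 30px; text-align: center; box-sizing: content-box;"'.$gt.'\'+percent+\'%'.$lt.'/div'.$gt.$lt.'div style="height: 32px; position: absolute; top: 3px; right: 10px; z-index: 5; line-height: 16px;" align="right"'.$gt.'\'+(dirs-sdir)+" Folder"+((dirs-sdir)==1?"":"s")+" Remaining'.$lt.'br /'.$gt.'"+timeRemaining+" Remaining'.$lt.'/div'.$gt.$lt.'/div'.$gt.'";
  document.getElementById("status_bar").innerHTML = divHTML;
  document.getElementById("status_text").innerHTML = title;
  dis="none";
@@ -1451,8 +1461,6 @@ function GOTMLS_ajax_logintime() {
  $sess = (false && isset($_GET["GOTMLS_sess"]) && is_numeric($_GET["GOTMLS_sess"])) ? GOTMLS_htmlspecialchars($_GET["sess"]) : time();
  die("\n//Permission Error: User not authenticated!\nvar GOTMLS_login_offset = new Date();\nvar GOTMLS_login_offset_start = GOTMLS_login_offset.getTime() - ".$sess."000;\nfunction set_offset_id() {\n\tGOTMLS_login_offset = new Date();\n\tif (form_login = document.getElementById('offset_id'))\n\t\tform_login.value = GOTMLS_login_offset.getTime() - GOTMLS_login_offset_start;\n\tsetTimeout(set_offset_id, 15673);\n}\nset_offset_id();");
  }
- add_action('wp_ajax_nopriv_GOTMLS_logintime', 'GOTMLS_ajax_logintime');
- add_action('wp_ajax_GOTMLS_logintime', 'GOTMLS_ajax_logintime');
 
  function GOTMLS_ajax_lognewkey() {
  @header("Content-type: text/javascript");
@@ -1472,8 +1480,6 @@ function GOTMLS_ajax_lognewkey() {
  } else
  die(GOTMLS_Invalid_Nonce("\n//Log New Key Error: ")."\n");
  }
- add_action('wp_ajax_GOTMLS_lognewkey', 'GOTMLS_ajax_lognewkey');
- add_action('wp_ajax_nopriv_GOTMLS_lognewkey', 'GOTMLS_ajax_nopriv');
 
  function GOTMLS_set_plugin_action_links($links_array, $plugin_file) {
  if ($plugin_file == substr(str_replace("\\", "/", __FILE__), (-1 * strlen($plugin_file))) && strlen($plugin_file) > 10)
@@ -1531,6 +1537,7 @@ function GOTMLS_init() {
  $scan_level = intval($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]);
  else
  $scan_level = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
+ $ajax_functions = array('auto_update', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'whitelist');
  if (GOTMLS_get_nonce()) {
  if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = $_REQUEST["dont_check"];
@@ -1540,6 +1547,20 @@ function GOTMLS_init() {
  $scan_level = intval($_POST["scan_level"]);
  if (isset($scan_level) && is_numeric($scan_level))
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = intval($scan_level);
+ foreach ($ajax_functions as $ajax_function) {
+ add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
+ add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
+ }
+ } elseif (GOTMLS_user_can()) {
+ foreach ($ajax_functions as $ajax_function) {
+ add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_$ajax_function");
+ add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
+ }
+ } else {
+ foreach ($ajax_functions as $ajax_function) {
+ add_action("wp_ajax_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
+ add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", "GOTMLS_ajax_nopriv");
+ }
  }
  if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
@@ -1578,7 +1599,6 @@ function GOTMLS_ajax_position() {
  } else
  die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
  }
- add_action('wp_ajax_GOTMLS_position', 'GOTMLS_ajax_position');
 
  function GOTMLS_ajax_empty_trash() {
  global $wpdb;
@@ -1594,7 +1614,6 @@ function GOTMLS_ajax_empty_trash() {
  $properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nif (curDiv = window.parent.document.getElementById('empty_trash_link'))\n\tcurDiv.style.display = 'none';\nalert('$trashmsg');\n</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
  die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
  }
- add_action('wp_ajax_GOTMLS_empty_trash', 'GOTMLS_ajax_empty_trash');
 
  function GOTMLS_ajax_whitelist() {
  if (GOTMLS_get_nonce()) {
@@ -1619,7 +1638,6 @@ function GOTMLS_ajax_whitelist() {
  } else
  die(GOTMLS_Invalid_Nonce("\n//Whitelist Error: ")."\n");
  }
- add_action('wp_ajax_GOTMLS_whitelist', 'GOTMLS_ajax_whitelist');
 
  function GOTMLS_ajax_fix() {
  if (GOTMLS_get_nonce()) {
@@ -1628,7 +1646,7 @@ function GOTMLS_ajax_fix() {
  if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
  GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
  $callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
- $li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (!isNaN(file)) {\n\t\tli_file = li_file.parentNode;\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
+ $li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file)) {\n\tli_file.className='GOTMLS_plugin';\n\tif (true || !isNaN(file)) {\n\t\tli_file = li_file.parentNode".(isset($_REQUEST["GOTMLS_fix"][0]) && is_numeric($_REQUEST["GOTMLS_fix"][0])?'.parentNode':'').";\n\t\tli_file.style.display='none';\n\t\tli_file.innerHTML='';\n}}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
  @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
  $HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
  echo $HTML[0];
@@ -1716,7 +1734,6 @@ function GOTMLS_ajax_fix() {
  } else
  die(GOTMLS_html_tags(array("html" => array("body" => "<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\nalert('".GOTMLS_Invalid_Nonce("")."');\n</script>".__("Done!",'gotmls')))));
  }
- add_action('wp_ajax_GOTMLS_fix', 'GOTMLS_ajax_fix');
 
  function GOTMLS_ajax_scan() {
  if (GOTMLS_get_nonce()) {
@@ -1749,6 +1766,7 @@ if (typeof window.parent.showhide === "function")
  @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
  if (is_numeric($_GET["GOTMLS_scan"])) {
  if (($Q_post = GOTMLS_get_quarantine($_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
+ ////////// posts table (quarantine)
  $clean_file = $Q_post["post_title"];
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
  $fa = "";
@@ -1798,7 +1816,7 @@ if (typeof window.parent.showhide === "function")
  echo GOTMLS_scandir($file);
  if (@ob_get_level()) {
  GOTMLS_flush();
- @ob_end_flush();
+ @ob_end_clean();//_flush();
  }
  die('//END OF JavaScript');
  } elseif (file_exists($file)) {
@@ -1832,19 +1850,8 @@ if (typeof window.parent.showhide === "function")
  die(GOTMLS_Invalid_Nonce("\n//Ajax Scan Error: ")."\n");
  }
  }
- add_action('wp_ajax_GOTMLS_scan', 'GOTMLS_ajax_scan');
 
  function GOTMLS_ajax_nopriv() {
  die("\n//Permission Error: User not authenticated!\n");
  }
- add_action('wp_ajax_nopriv_GOTMLS_scan', 'GOTMLS_ajax_nopriv');
- add_action('wp_ajax_nopriv_GOTMLS_position', 'GOTMLS_ajax_nopriv');
- add_action('wp_ajax_nopriv_GOTMLS_fix', 'GOTMLS_ajax_nopriv');
- add_action('wp_ajax_nopriv_GOTMLS_whitelist', 'GOTMLS_ajax_nopriv');
- add_action('wp_ajax_nopriv_GOTMLS_empty_trash', 'GOTMLS_ajax_nopriv');
- add_action('wp_ajax_nopriv_GOTMLS_auto_update', 'GOTMLS_update_definitions');
 
- add_action("plugins_loaded", "GOTMLS_loaded");
- add_action("admin_notices", "GOTMLS_admin_notices");
- add_action("admin_menu", "GOTMLS_menu");
- add_action("network_admin_menu", "GOTMLS_menu");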
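Review bot: In GOTMLS_init (new lines 1550-1553), any request for which GOTMLS_get_nonce() succeeds now gets every handler, including fix, empty_trash and whitelist, registered on `wp_ajax_nopriv_GOTMLS_*`, whereas 4.18.69 pointed those nopriv hooks at GOTMLS_ajax_nopriv; the handler openings visible on this page re-check only the nonce, so for logged-out callers the nonce becomes the sole authorization. A nonce protects against request forgery and is not an access check, so I would register the privileged handlers only when GOTMLS_user_can() holds and keep the nopriv hooks on GOTMLS_ajax_nopriv except for the two that were public before (logintime and auto_update), as sketched below. GOTMLS_init starts and ends outside these hunks and GOTMLS_user_can() is not shown, so confirm that it performs the capability check. Separately, the new options branch of GOTMLS_get_quarantine (new line 667) concatenates `$postdb[0]`, a string ending in "options", into `WHERE option_id =`; the is_numeric-checked `$postdb[1]` bound through `$wpdb->prepare()` with `%d` looks like what was intended.

```php
$ajax_functions = array('auto_update', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'whitelist');
// Handlers that 4.18.69 already exposed to logged-out visitors.
$ajax_public = array('auto_update', 'logintime');
// … unchanged: nonce-guarded dont_check / scan_level handling, without the three foreach loops …
$ajax_allowed = GOTMLS_user_can(); // assumed to be the capability check; confirm
foreach ($ajax_functions as $ajax_function) {
	$ajax_handler = "GOTMLS_ajax_$ajax_function";
	$ajax_is_public = in_array($ajax_function, $ajax_public, true);
	add_action("wp_ajax_GOTMLS_$ajax_function", ($ajax_is_public || $ajax_allowed) ? $ajax_handler : "GOTMLS_ajax_nopriv");
	add_action("wp_ajax_nopriv_GOTMLS_$ajax_function", $ajax_is_public ? $ajax_handler : "GOTMLS_ajax_nopriv");
}
```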
readme.txt CHANGED
@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
- Version: 4.18.69
9
- Stable tag: 4.18.69
10
  Requires at least: 3.3
11
- Tested up to: 5.2
12
 
13
  This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
 
@@ -27,7 +27,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
27
  * Check the integrity of your WordPress Core files.
28
  * Automatically download new Definition Updates when running a Complete Scan.
29
 
30
- Updated Apr 29th
31
 
32
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
 
@@ -94,6 +94,12 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
94
 
95
  == Changelog ==
96
 
 
 
 
 
 
 
97
  = 4.18.69 =
98
  * Added a Warning message about the vulnerability in the yuzo-related-post plugin.
99
  * Updated the Quarantine interface and added a re-scan / re-clean feature.
@@ -367,6 +373,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
367
 
368
  == Upgrade Notice ==
369
 
 
 
 
370
  = 4.18.69 =
371
  Added a Warning message about the vulnerability in the yuzo-related-post plugin, updated the Quarantine interface with a re-scan / re-clean feature, fixed a bug in the scan depth array that would produce PHP Notices, changed some wording and other minor fomatting issues, and checked code for compatibility with WP 5.2 (latest release).
372
 
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
+ Version: 4.18.71
9
+ Stable tag: 4.18.71
10
  Requires at least: 3.3
11
+ Tested up to: 5.2.1
12
 
13
  This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
 
27
  * Check the integrity of your WordPress Core files.
28
  * Automatically download new Definition Updates when running a Complete Scan.
29
 
30
+ Updated June 2nd
31
 
32
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
 
94
 
95
  == Changelog ==
96
 
97
+ = 4.18.71 =
98
+ * Added wp_options table to the db_scan.
99
+ * Fixed a few minor bugs in the db scan quarantine view.
100
+ * Changed some wording and other minor fomatting issues.
101
+ * Checked code for compatibility with WP 5.2.1 (latest release).
102
+
103
  = 4.18.69 =
104
  * Added a Warning message about the vulnerability in the yuzo-related-post plugin.
105
  * Updated the Quarantine interface and added a re-scan / re-clean feature.
373
 
374
  == Upgrade Notice ==
375
 
376
+ = 4.18.71 =
377
+ Added wp_options table to the db_scan and fixed a few minor bugs in the quarantine view, and changed some wording and checked code for compatibility with WP 5.2.1 (latest release).
378
+
379
  = 4.18.69 =
380
  Added a Warning message about the vulnerability in the yuzo-related-post plugin, updated the Quarantine interface with a re-scan / re-clean feature, fixed a bug in the scan depth array that would produce PHP Notices, changed some wording and other minor fomatting issues, and checked code for compatibility with WP 5.2 (latest release).
381