hooks.php contains a malicious code pattern

Home Forums Jevelin Theme hooks.php contains a malicious code pattern

Home Forums Jevelin Theme hooks.php contains a malicious code pattern

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
  • staterequirement
    Participant

    Hello,

    On the site: StateRequirement

    Jetpack is giving a potential threat error after updating to the latest version of Jevelin:

     
    <h2 class=”card-heading”>The file <code class=”threat-item-header__alert-filename”>hooks.php contains a malicious code pattern</h2>
    <div class=”log-item__subheader”>Threat found (<span class=”threat-item-subheader__alert-signature”>PHP.Generic.BadPattern.6</span>)</div>

    Threat found in file: /var/www/html/wp-content/themes/jevelin/inc/hooks.php

    <div class=”marked-lines__line-numbers”>
    <div class=”marked-lines__line-number”>’jevelin-unyaon-rgba-fix’,</div>
    </div>
    <div class=”marked-lines__lines”>
    <div class=”marked-lines__line marked-lines__marked-line”>’_fw_option_type_’ . <mark class=”marked-lines__mark”>str_replace( ‘-‘, ‘_’, ‘rgba-color-picker’ )</mark> . ‘_localized’,</div>
    <div class=”marked-lines__line”>array( ‘l10n’ => array( ‘reset_to_default’ => esc_html__( ‘Reset’, ‘fw’ ) ) )</div>
    </div>
     

     

    Could you please help to remove this issue? Thanks!

    Hi @staterequirement,

     

    I hope you are well today and thank you for your question.

     

    This can be due to a virus attack on your web server so I recommend you to scan for virus and reinstall the below latest version of the theme.

     


    Please login to access this file

     

    If you are still facing the issue then could you please share the screenshot of the screen where you are getting it?

     

    Best regards,
    Shufflehound team

    staterequirement
    Participant

    Please see attached image.

    Thank you!

    Attachments:
    You must be logged in to view attached files.

    I see the below code on line number 915 of the theme file /jevelin/inc/hooks.php but I don’t see any issue with that code still I have notified the theme developer to change it that will be done in the future version of the theme.

     

    '_fw_option_type_' . str_replace( '-', '_', 'rgba-color-picker' ) . '_localized',

     

    In the meantime, you can fix it by changing the above shared code as below.

     

    '_fw_option_type_rgba_color_picker_localized',

    staterequirement
    Participant

    Thanks for letting me know!

    You are most welcome here 🙂

    staterequirement
    Participant

    Just a heads up:

    After installing the most recent version of the Jevelin Theme, the same “Threat” is being flagged by Jetpack in the admin.php file.

    See attached image for details.

     

    Thanks!

    Attachments:
    You must be logged in to view attached files.

    I have also notified this to the theme developer so that it will be fixed.

    The issue is resolved in the below latest version of theme so please update the theme as described here https://support.shufflehound.com/updating-theme/

     


    Please login to access this file

Viewing 9 posts - 1 through 9 (of 9 total)