Posted a reply to Passing parameter causing fatal error, on the site WordPress.org Forums:
It would be helpful to know what that critical error actually is, can you view…

Posted a reply to Invalid or expired Nonce Token!, on the site WordPress.org Forums:
Yes, that means that the security token that was used to start the scan had…

Posted a reply to No response from server!, on the site WordPress.org Forums:
Yes, this confirms that this issue is caused by a restrictive CSP in your server's…

Posted a reply to WPVivid Plugin File – False Positive?, on the site WordPress.org Forums:
Thank you for sending me that file, it is actually nothing at all like those…

Posted a reply to No response from server!, on the site WordPress.org Forums:
Maybe there is some CSP or another security measure on the new server that is…

Posted a reply to WPVivid Plugin File – False Positive?, on the site WordPress.org Forums:
Ok, something does not add up and your screenshot finally gave me a clue. As…

Posted a reply to WPVivid Plugin File – False Positive?, on the site WordPress.org Forums:
The file I have Middleware.php is from the guzzle source code and in included in…

Posted a reply to WPVivid Plugin File – False Positive?, on the site WordPress.org Forums:
I don't think this is a false positive. The code that you posted a link…

Posted a reply to Registration issues, on the site WordPress.org Forums:
With only a general description of the problem I can only give you a general…

Posted a reply to Malware infection reported with the WordPress site hosted at Bluehost, on the site WordPress.org Forums:
These two reports differ primarily because the SiteLock report is scanning URLs that are visible…

Posted a reply to Registration issues, on the site WordPress.org Forums:
When this happens it is almost always to do with some kind of CSP or…

Posted a reply to Getting a cUrl 28 error code with REST Users API enabled, on the site WordPress.org Forums:
Thanks you for contacting me about this issue. I have had one other report of…

Posted a reply to Viewing scan history, false positives, clearing history, and other plugins, on the site WordPress.org Forums:
Hi Paul, I sent a reply to your direct email 3 days ago and have…

Posted a reply to Scan Core File Changes Setting Not Working, on the site WordPress.org Forums:
This was most likely because the update was pushed out to your site before I…

Posted a reply to “Got Stuck” loop. PHP 8 related?, on the site WordPress.org Forums:
Thank you for reporting this error. I have just released a new plugin update to…

Posted a reply to SG Security and SG Optimizer compatibility, on the site WordPress.org Forums:
Yes, my plugin should work fine on SiteGround hosting, and it was designed to be…

Posted a reply to Is there a whitelist option?, on the site WordPress.org Forums:
Thanks for the additional info. As I suspected, the script is placed outside the BODY…

Posted a reply to Is there a whitelist option?, on the site WordPress.org Forums:
Yes, you can click on the file name that is listed as a "Known Threat"…

Posted a reply to Use with WordFence, on the site WordPress.org Forums:
Yes, of course. You should be able to use my plugin in conjunction with any…

Posted a reply to DB Injection not seen by plugin, on the site WordPress.org Forums:
Thanks for following up. That's great that you figured it out and fix it. Are…

Posted a reply to DB Injection not seen by plugin, on the site WordPress.org Forums:
If you still need help with this can you please post a link to your…

Posted a reply to SQLreport causing site to crash, on the site WordPress.org Forums:
Looks like the site is working now and your last post suggest that you found…

Posted a reply to WP CLI support – pleeeaaassseee!, on the site WordPress.org Forums:
As a hosting agency, I too understand the concern any scan might impact the server's…

Posted a reply to You’re hijacking calls to amin-ajax.php that are not for you., on the site WordPress.org Forums:
In my particular case it is very specific, yes. However, there is a potential that…

Posted a reply to You’re hijacking calls to amin-ajax.php that are not for you., on the site WordPress.org Forums:
My plugin is https://wordpress.org/plugins/gotmls/ ...and this only seems to be a problem when there are…

Posted a reply to Known Threats or False Positive (Wordfence), on the site WordPress.org Forums:
Thank you so much for reporting this to me. Those were in fact just false…

Posted a reply to You’re hijacking calls to amin-ajax.php that are not for you., on the site WordPress.org Forums:
Thanks for the quick reply. Please let me know when you have it fix or…

Posted a reply to Checking if valid threat, on the site WordPress.org Forums:
Just wanted to follow up here and say that I received a copy of this…

Posted a reply to WP CLI support – pleeeaaassseee!, on the site WordPress.org Forums:
Thank you for your interest in my plugin. Unfortunately the scan engine is not compatible…

Posted a reply to Can you confirm if this is malicious?, on the site WordPress.org Forums:
Thanks for sending me that file. As it is from a paid plugin it is…

Posted a reply to Can you confirm if this is malicious?, on the site WordPress.org Forums:
Hi Bruno, Yes, can you please email me that file so that I can check…

Posted a reply to bad script not seen by the plugin, on the site WordPress.org Forums:
I would certainly be able to offer a lot more helpful advice is you could…

Posted a reply to Blocks REST API by Revive old post, on the site WordPress.org Forums:
I have released a new plugin update which should resolve this issue for you. Please…

Posted a reply to Scan subdirectories outside public_html, on the site WordPress.org Forums:
The best way to scan those other sites would be to install my plugin on…

Posted a reply to Scan subdirectories outside public_html, on the site WordPress.org Forums:
The easiest way to include other directory trees in the complete scan of the public_html…

Posted a reply to good idea or bad idea, on the site WordPress.org Forums:
Personally I think more protection is better. As long as the other plugin is effective…

Posted a reply to You have been redirected here from xxxxxxxxxx which is protected by, on the site WordPress.org Forums:
Try refreshing your login page and make sure that there are no JavaScript errors before…

Posted a reply to Blocks REST API by Revive old post, on the site WordPress.org Forums:
This warning you are getting is because the Brute Force Protection in my plugin uses…

Posted a reply to This SQL Query has not been allowed by an Administrator., on the site WordPress.org Forums:
This security warning indicates that there must be a saved report with exactly the same…

Posted a reply to Checking if valid threat, on the site WordPress.org Forums:
I cannot confirm without more information. The code you provided here does not actually match…

Posted a reply to Malware cleaned but came back, on the site WordPress.org Forums:
@manujks, You did not understand my suggestion then because I ask users to send me…

Posted a reply to Malware cleaned but came back, on the site WordPress.org Forums:
You can remove those db entries but that will not stop your repeated infections from…

Posted a reply to FW_Traversal, on the site WordPress.org Forums:
As I have outlined above, this is caused by some field in your form that…