{"id":221,"date":"2017-08-07T23:11:37","date_gmt":"2017-08-07T22:11:37","guid":{"rendered":"http:\/\/dzn-studios.com\/blog\/?p=221"},"modified":"2017-08-07T23:11:37","modified_gmt":"2017-08-07T22:11:37","slug":"detecting-malicious-codes-hidden-within-wordpress-themesplugins","status":"publish","type":"post","link":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/","title":{"rendered":"Detecting Malicious Codes Hidden Within WordPress Themes\/Plugins"},"content":{"rendered":"<h2>Step 1:\u00a0Check for Virus and Trojans<\/h2>\n<p>After downloading the plugin or theme, the first thing you should do is to check for virus, trojans and other worms that you may not like it.<\/p>\n<p>Go to <a href=\"http:\/\/virustotal.com\">VirusTotal.com<\/a> and upload the zip file to check for virus.<\/p>\n<p>If your file is infected you will get a red signal and if not then you can move on to next step.<\/p>\n<p>&nbsp;<\/p>\n<h2>Step 2: Check for unwanted codes in Plugins<\/h2>\n<p>Now lets check for unwanted codes in plugins using another WordPress plugin called\u00a0<strong><a href=\"http:\/\/wordpress.org\/extend\/plugins\/exploit-scanner\/\" target=\"_blank\">Exploit Scanner<\/a>,\u00a0<\/strong>which can be securely downloaded from WordPress website<strong>.<\/strong><\/p>\n<p>After installing it go to\u00a0<strong><em>Dashboard &gt; Tools &gt; Exploit Scanner\u00a0<\/em><\/strong>and run the scan. It will take some time to\u00a0complete the scan and the time depends on number of plugins you have installed.<\/p>\n<p>After the scan you can see a list of codes that are suspected. You can use the browser search function to find the plugins that you installed from outside WordPress repository.<\/p>\n<p>&nbsp;<\/p>\n<h2>Step 3: Check for Theme authenticity<\/h2>\n<p>Adding a backlink in a free theme is very common technique but you can easily find those\u00a0exploited\u00a0themes by the plugin called\u00a0<a href=\"http:\/\/wordpress.org\/extend\/plugins\/tac\/\" target=\"_blank\">Theme Authenticity Checker (TAC)<\/a>.<\/p>\n<p>Install the plugin and go to\u00a0<em><strong>Dashboard &gt; Appearance &gt; TAC<\/strong><\/em><\/p>\n<p>You can see the list of themes installed with their authenticity result. It will give a warning if any encrypted links are found in a theme.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Step 1:\u00a0Check for Virus and Trojans After downloading the plugin or theme, the first thing you should do is to check for virus, trojans and other worms that you may not like it. Go to VirusTotal.com and upload the zip file to check for virus. If your file is infected you will get a red signal and if not then you can move on to next step. &nbsp; Step 2: Check for unwanted codes in Plugins Now lets check for unwanted codes in plugins using another WordPress plugin called\u00a0Exploit Scanner,\u00a0which can be securely downloaded from WordPress website. After installing it go to\u00a0Dashboard &gt; Tools &gt; Exploit Scanner\u00a0and run the scan. It will take some time to\u00a0complete the scan and the time depends on number of plugins you have installed. After the scan you can see a list of codes that are suspected. You can use the browser search function to find the plugins that you installed from outside WordPress repository. &nbsp; Step 3: Check for Theme authenticity Adding a backlink in a free theme is very common technique but you can easily find those\u00a0exploited\u00a0themes by the plugin called\u00a0Theme Authenticity Checker (TAC). Install the plugin and go to\u00a0Dashboard &gt; Appearance &gt; [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":223,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"spay_email":"","footnotes":"","jetpack_publicize_message":"Detecting Malicious Codes Hidden Within Wordpress Themes\/Plugins","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[64],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v18.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Detecting Malicious Codes in Wordpress Themes\/Plugins<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Detecting Malicious Codes in Wordpress Themes\/Plugins\" \/>\n<meta property=\"og:description\" content=\"Step 1:\u00a0Check for Virus and Trojans After downloading the plugin or theme, the first thing you should do is to check for virus, trojans and other worms that you may not like it. Go to VirusTotal.com and upload the zip file to check for virus. If your file is infected you will get a red signal and if not then you can move on to next step. &nbsp; Step 2: Check for unwanted codes in Plugins Now lets check for unwanted codes in plugins using another WordPress plugin called\u00a0Exploit Scanner,\u00a0which can be securely downloaded from WordPress website. After installing it go to\u00a0Dashboard &gt; Tools &gt; Exploit Scanner\u00a0and run the scan. It will take some time to\u00a0complete the scan and the time depends on number of plugins you have installed. After the scan you can see a list of codes that are suspected. You can use the browser search function to find the plugins that you installed from outside WordPress repository. &nbsp; Step 3: Check for Theme authenticity Adding a backlink in a free theme is very common technique but you can easily find those\u00a0exploited\u00a0themes by the plugin called\u00a0Theme Authenticity Checker (TAC). Install the plugin and go to\u00a0Dashboard &gt; Appearance &gt; [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/\" \/>\n<meta property=\"og:site_name\" content=\"dzn | blog | Web Design, Design, Marketing, Life.\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/dznstudios\" \/>\n<meta property=\"article:author\" content=\"markhardman345\" \/>\n<meta property=\"article:published_time\" content=\"2017-08-07T22:11:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.dzn-studios.com\/blog\/wp-content\/uploads\/2017\/08\/Wordpress.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"843\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<meta name=\"twitter:creator\" content=\"@markhardman\" \/>\n<meta name=\"twitter:site\" content=\"@dznstudios\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mark\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/#website\",\"url\":\"https:\/\/www.dzn-studios.com\/blog\/\",\"name\":\"dzn | blog | Web Design, Design, Marketing, Life.\",\"description\":\"Specialising in Marketing, Design &amp; Web. dzn studios has been established for 13 years. Based in Tenerife, we collaborate with businesses of all sizes, to accelerate their growth.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.dzn-studios.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#primaryimage\",\"inLanguage\":\"en-GB\",\"url\":\"https:\/\/www.dzn-studios.com\/blog\/wp-content\/uploads\/2017\/08\/Wordpress.jpg\",\"contentUrl\":\"https:\/\/www.dzn-studios.com\/blog\/wp-content\/uploads\/2017\/08\/Wordpress.jpg\",\"width\":1500,\"height\":843},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#webpage\",\"url\":\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/\",\"name\":\"Detecting Malicious Codes in Wordpress Themes\/Plugins\",\"isPartOf\":{\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#primaryimage\"},\"datePublished\":\"2017-08-07T22:11:37+00:00\",\"dateModified\":\"2017-08-07T22:11:37+00:00\",\"author\":{\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/#\/schema\/person\/712323b24ff68403708b9902730eddad\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.dzn-studios.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Detecting Malicious Codes Hidden Within WordPress Themes\/Plugins\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/#\/schema\/person\/712323b24ff68403708b9902730eddad\",\"name\":\"Mark\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.dzn-studios.com\/blog\/#personlogo\",\"inLanguage\":\"en-GB\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2338984c2a4cc733835f7ace31d50b41?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2338984c2a4cc733835f7ace31d50b41?s=96&d=mm&r=g\",\"caption\":\"Mark\"},\"sameAs\":[\"http:\/\/www.dzn-studios.com\",\"markhardman345\",\"markhardman\",\"https:\/\/twitter.com\/markhardman\"],\"url\":\"https:\/\/www.dzn-studios.com\/blog\/author\/admindzn\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Detecting Malicious Codes in Wordpress Themes\/Plugins","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/","og_locale":"en_GB","og_type":"article","og_title":"Detecting Malicious Codes in Wordpress Themes\/Plugins","og_description":"Step 1:\u00a0Check for Virus and Trojans After downloading the plugin or theme, the first thing you should do is to check for virus, trojans and other worms that you may not like it. Go to VirusTotal.com and upload the zip file to check for virus. If your file is infected you will get a red signal and if not then you can move on to next step. &nbsp; Step 2: Check for unwanted codes in Plugins Now lets check for unwanted codes in plugins using another WordPress plugin called\u00a0Exploit Scanner,\u00a0which can be securely downloaded from WordPress website. After installing it go to\u00a0Dashboard &gt; Tools &gt; Exploit Scanner\u00a0and run the scan. It will take some time to\u00a0complete the scan and the time depends on number of plugins you have installed. After the scan you can see a list of codes that are suspected. You can use the browser search function to find the plugins that you installed from outside WordPress repository. &nbsp; Step 3: Check for Theme authenticity Adding a backlink in a free theme is very common technique but you can easily find those\u00a0exploited\u00a0themes by the plugin called\u00a0Theme Authenticity Checker (TAC). Install the plugin and go to\u00a0Dashboard &gt; Appearance &gt; [&hellip;]","og_url":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/","og_site_name":"dzn | blog | Web Design, Design, Marketing, Life.","article_publisher":"http:\/\/www.facebook.com\/dznstudios","article_author":"markhardman345","article_published_time":"2017-08-07T22:11:37+00:00","og_image":[{"width":1500,"height":843,"url":"https:\/\/www.dzn-studios.com\/blog\/wp-content\/uploads\/2017\/08\/Wordpress.jpg","type":"image\/jpeg"}],"twitter_card":"summary","twitter_creator":"@markhardman","twitter_site":"@dznstudios","twitter_misc":{"Written by":"Mark","Estimated reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.dzn-studios.com\/blog\/#website","url":"https:\/\/www.dzn-studios.com\/blog\/","name":"dzn | blog | Web Design, Design, Marketing, Life.","description":"Specialising in Marketing, Design &amp; Web. dzn studios has been established for 13 years. Based in Tenerife, we collaborate with businesses of all sizes, to accelerate their growth.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.dzn-studios.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"ImageObject","@id":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#primaryimage","inLanguage":"en-GB","url":"https:\/\/www.dzn-studios.com\/blog\/wp-content\/uploads\/2017\/08\/Wordpress.jpg","contentUrl":"https:\/\/www.dzn-studios.com\/blog\/wp-content\/uploads\/2017\/08\/Wordpress.jpg","width":1500,"height":843},{"@type":"WebPage","@id":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#webpage","url":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/","name":"Detecting Malicious Codes in Wordpress Themes\/Plugins","isPartOf":{"@id":"https:\/\/www.dzn-studios.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#primaryimage"},"datePublished":"2017-08-07T22:11:37+00:00","dateModified":"2017-08-07T22:11:37+00:00","author":{"@id":"https:\/\/www.dzn-studios.com\/blog\/#\/schema\/person\/712323b24ff68403708b9902730eddad"},"breadcrumb":{"@id":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.dzn-studios.com\/blog\/detecting-malicious-codes-hidden-within-wordpress-themesplugins\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.dzn-studios.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Detecting Malicious Codes Hidden Within WordPress Themes\/Plugins"}]},{"@type":"Person","@id":"https:\/\/www.dzn-studios.com\/blog\/#\/schema\/person\/712323b24ff68403708b9902730eddad","name":"Mark","image":{"@type":"ImageObject","@id":"https:\/\/www.dzn-studios.com\/blog\/#personlogo","inLanguage":"en-GB","url":"https:\/\/secure.gravatar.com\/avatar\/2338984c2a4cc733835f7ace31d50b41?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2338984c2a4cc733835f7ace31d50b41?s=96&d=mm&r=g","caption":"Mark"},"sameAs":["http:\/\/www.dzn-studios.com","markhardman345","markhardman","https:\/\/twitter.com\/markhardman"],"url":"https:\/\/www.dzn-studios.com\/blog\/author\/admindzn\/"}]}},"jetpack_featured_media_url":"https:\/\/www.dzn-studios.com\/blog\/wp-content\/uploads\/2017\/08\/Wordpress.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6nwHl-3z","_links":{"self":[{"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/posts\/221"}],"collection":[{"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/comments?post=221"}],"version-history":[{"count":2,"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/posts\/221\/revisions"}],"predecessor-version":[{"id":224,"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/posts\/221\/revisions\/224"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/media\/223"}],"wp:attachment":[{"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/media?parent=221"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/categories?post=221"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dzn-studios.com\/blog\/wp-json\/wp\/v2\/tags?post=221"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}