Closed msuemnig closed 5 years ago
You can extend white list for yourself, currently a big whitelist generation is under progress to minimalise false positive reports.
But a list with the popular WP plugins would be great.
Could you make a new run with --combined-whitelist
option, the database now generated from original sources.
And if you can provide me a plugin list for wordpress then i will include those values too.
no response, closing
If useful, would you like false positives reported for publicly available WordPress plugins? Things like...
ER # {/var/www/html/mysite.com/wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-utility-htaccess.php}
ER # {/var/www/html/mysite.com/wp-content/plugins/all-in-one-wp-security-and-firewall/lib/whois/whois.main.php}
...show up on every scan and they are always false positives. Just offering to send you logs or whatever for the most popular plugins, if that is useful. Thanks for the work. It's much appreciated!