Hi Ryan,
I’m very sorry to hear that but the alert is 100% false positive.
Challenge:
If anyone (expert of the field, even your host provider) can prove that it contains malware then I’ll remove plugin from repository without any question.
Here’s why:
Firstly, the plugin don’t contain any malicious code. Secondly, the plugin is thoroughly reviewed and tested by wordpress team before publishing on repository so there is no hope for malicious code. They even don’t allow weak piece of code. So, how would they allow malware???
However you could have contact me, with a code reference so I could investigate; if there’s any issue.
But still thankful for your feedback! 🙂
{HEX}Malware.Expert.generic.uploader.2 : /var/www/vhosts/israeldojo.co.il/httpdocs/wp-content/plugins/export-all-urls/functions.php
{HEX}Malware.Expert.generic.uploader.2 : /var/www/vhosts/israeldojo.co.il/israeldojo.com/wp-content/plugins/export-all-urls/functions.php
These are the results from ClamAV. This is, indeed, a Maleware – very low chances that it’s not.
Is it possible to calculate MD5 of /var/www/vhosts/israeldojo.co.il/israeldojo.com/wp-content/plugins/export-all-urls/functions.php and compare it to the hash value of this file distributed with plugin sources?
Off course you could calculate MD5 of both files to check if file was maliciously modified.
