WordPress.org

Make WordPress Core

Opened 2 years ago

Closed 2 years ago

#41109 closed defect (bug) (invalid)

WordPress Core Js File Seems Infected

Reported by: 756dk Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Emoji Keywords:
Focuses: Cc:
PR Number:

Description (last modified by SergeyBiryukov)

Hi

I have running latest version of wordpress while website loads up and I got some error in the console.

After checking the Console for the error I found error and encrypted code is in the core js file - https://raw.githubusercontent.com/WordPress/WordPress/master/wp-includes/js/wp-emoji-release.min.js

Kindly check the screenshot URL for the error.

Accordingly to it might be the malware or I would like to know what exactly encrypted in the JS code.

http://imgur.com/a/CNcbr

Looking forward to hear back from you.

Thanks
Deepanshu kapoor

Attachments (1)

imageedit_3_8162268474.gif (71.9 KB) - added by 756dk 2 years ago.

Download all attachments as: .zip

Change History (4)

#1 @pento
2 years ago

  • Keywords reporter-feedback added
  • Version 4.8 deleted

Hi @756dk, thank you for the bug report!

This JavaScript file is correct, it's produced during our build process, by combining and minifying wp-emoji.js and twemoji.js. We minify all JS files that are used in production.

As for the NS_ERROR_UNEXPECTED JavaScript error you're seeing, this is a generic error that Firefox throws, which unfortunately doesn't tell us what's gone wrong. If you're able to reproduce this error, Firefox's dev tools should be able to prettify the source and give us a better indication of what line is triggering the error.

Alternatively, adding define( 'SCRIPT_DEBUG', true ); to your wp-config.php will use the development versions of the files, which will give us the original line number. This can occasionally stop the bug from occurring, though, if it's some sort of race condition.

#2 @SergeyBiryukov
2 years ago

  • Description modified (diff)

#3 @pento
2 years ago

  • Keywords reporter-feedback removed
  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.