Make WordPress Core

Opened 5 years ago

Closed 3 years ago

#43726 closed defect (bug) (invalid)

PHP/Agent.NGW in post.php

Reported by: wdle14's profile wdle14 Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.9.5
Component: Security Keywords: reporter-feedback
Focuses: Cc:


I have a problem that wp-include / post.php is read as PHP / Agent.NGW by antivirus, is this a mistake on wordpress in making script or any other factors?

Change History (3)

#1 @soulseekah
5 years ago

  • Keywords reporter-feedback added

Welcome to Trac! Which antivirus software is it being reported by? Can you upload the post.php file you scanned?

#2 @leemyongpak
4 years ago

I have the same problem with WP 5.2.4.
ESET Nod32's Realtime file system protection noticed that wp-include/post.php is infected by PHP/Agent.NGW trojan - Event occurred on a file modified by the application httpd.exe, and is cleaned by deleting automatically.

#3 @SergeyBiryukov
3 years ago

  • Component changed from General to Security
  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

Hi there, welcome to WordPress Trac!

Thanks for the report, sorry it took a while for someone to get back to you.

This should probably be reported as a false positive to the antivirus software in question. You can review the whole file contents here on Trac: wp-includes/post.php, I don't see any reason for it to be flagged, and it doesn't look like there are any actionable items for WordPress core here.

Just in case, make sure your site is not hacked.

Note: See TracTickets for help on using tickets.