Dev4Press No Script
Back to GD bbPress Tools Forum

GD bbPress Tools being flagged as compromised

Published on: April 8, 2026 at 12:38 pm · By: Tony
Author
Topic
ImageTony
Participant
April 8, 2026 at 12:38 pm #579125

My site has suffered a malicious intrusion, so I have run a detailed scan using WordFence.
This has thrown up issues with GD bbPress Tools.

It is quite possible that this detailed scan can show false positives and these may not be a problem.

Please can you advise whether they are of concern, whether the flagging can be avoided or whether they should be ignored?

Critical Problems:

* File appears to be malicious or unsafe: wp-content/plugins/gd-bbpress-toolbox/vendor/michelf/php-markdown/test/resources/php-markdown-extra.mdtest/Backtick Fenced Code Blocks.xhtml

* File appears to be malicious or unsafe: wp-content/plugins/gd-bbpress-toolbox/vendor/michelf/php-markdown/test/resources/php-markdown-extra.mdtest/Tilde Fenced Code Blocks.text

* File appears to be malicious or unsafe: wp-content/plugins/gd-bbpress-toolbox/vendor/michelf/php-markdown/test/resources/php-markdown-extra.mdtest/Tilde Fenced Code Blocks.xhtml

* File appears to be malicious or unsafe: wp-content/plugins/gd-bbpress-toolbox/vendor/michelf/php-markdown/test/resources/php-markdown-extra.mdtest/Backtick Fenced Code Blocks.text

Detail for one example:

Filename: /home/xxx/public_html/ovni-owners/wp-content/plugins/gd-bbpress-toolbox/vendor/michelf/php-markdown/test/resources/php-markdown-extra.mdtest/Backtick Fenced Code Blocks.text
File Type: Not a core, theme, or plugin file from wordpress.org.
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: LD_PRELOAD=libusb-driver.so

The issue type is: Backdoor:PHP/LD_PRELOAD.4426
Description: A backdoor known as LD_PRELOAD

PS WP is 6.9.4 but the selector does not go that far.

Viewing 2 replies - 1 through 2 (of 2 total)
Author
Replies
  • ImageMilan Petrovic
    Keymaster
    April 8, 2026 at 12:53 pm #579126

    Hello,

    This is a set of test files for the markdown library, they are text files, they can’t be used as backdoor or anything else, they are tests and nothing else. To remove these false ‘issues’ I will have the test files removed from next plugin update. But, they are not malicious or dangerous, just tests.

    Regards,
    Milan

    Dev4Press - Premium plugins for WordPress.

  • ImageMilan Petrovic
    Keymaster
    April 10, 2026 at 8:47 pm #579128

    I have released minor update that doesn’t include any of the test files.

    Dev4Press - Premium plugins for WordPress.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.

bbPress Plugins Club

bbPress Club Membership license gives access to all Dev4Press premium plugins for bbPress. While the license remains active, it will include all future Dev4Press premium plugins for bbPress too.

bbPress Club

Dev4Press Plugins Club

The Dev4Press Plugins Club Membership license gives access to all Dev4Press premium plugins and addons for bbPress and WordPress and all future plugins while the license is active.

Dev4Press Club

Rating Plugin Club

Rating Club Membership license gives you access to the GD Rating System Pro plugin, all the free and premium addons for this plugin, and all future addons while the license is active.

Rating Club

Information

From The Blog

Important

Press

On Social Networks

Development Websites

Dev4Press Projects

DebugPress Plugin
Millan Dev Blog

Wigglies Space
TiniART