WordPress Exploit Scanner Plugin
03 Mar 2009 | security
I found this plugin a few days ago and I would like to share it with everybody, since it may help secure the web. This plugin scans the WordPress installation folder for patterns usually found in exploit/trojan/malware web scripts. The plugin produces quite a few false-positive alerts, but it is also very easy to spot suspicious code in suspicious files.
It would be nice if wordpress.org published an API to get the MD5 of the core files for a specific version, since the plugin is currently hardcoded with the WordPress 6.3 MD5s and will warn you about core file modifications if you use a different version. It would also be nice if the plugins on wordpress.org provided a way to get their MD5s, which could then be used to look for modifications and file additions.
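The manifest comparison described above, as an added example that is not the plugin's own code: it checks a directory tree against a per-version list of MD5s and reports modified, missing and added files. The function names, file names and sample tree are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def md5_of(path):
    """Return the hex MD5 of a file's contents."""
    return hashlib.md5(Path(path).read_bytes()).hexdigest()


def compare_to_manifest(root, manifest):
    """Compare files under root with a {relative_path: md5} manifest."""
    root = Path(root)
    found = {p.relative_to(root).as_posix(): p
             for p in root.rglob("*") if p.is_file()}
    return {
        # Known file whose content no longer matches the reference hash.
        "modified": sorted(r for r, p in found.items()
                           if r in manifest and md5_of(p) != manifest[r]),
        # Listed in the manifest but gone from disk.
        "missing": sorted(set(manifest) - set(found)),
        # Present on disk but never part of the release (e.g. an upload).
        "added": sorted(set(found) - set(manifest)),
    }


def demo():
    """Build a constructed tree, change it, and report the differences."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample files standing in for a clean install.
        clean = {"index.php": b"<?php // front controller\n",
                 "wp-includes/version.php": b"<?php // version\n",
                 "wp-admin/admin.php": b"<?php // admin\n"}
        for rel, body in clean.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_bytes(body)
        manifest = {rel: hashlib.md5(body).hexdigest()
                    for rel, body in clean.items()}
        # Simulate drift: one edited file, one deleted, one unexpected file.
        (root / "index.php").write_bytes(b"<?php // edited\n")
        (root / "wp-admin/admin.php").unlink()
        (root / "wp-content").mkdir()
        (root / "wp-content/extra.php").write_bytes(b"<?php // not in manifest\n")
        return compare_to_manifest(root, manifest)


if __name__ == "__main__":
    print(demo())
```

A manifest built for one version flags every core file that differs in another version as modified, which is the false-warning case described above. MD5 is used here only because the post talks about MD5 lists; the same comparison works unchanged with SHA-256.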
In conclusion, there are ways to improve this plugin, but as it is, it's a very useful security tool. Also, if you have WordPress installed in the root of your domain, it will scan every file under it. This plugin is actually what made me write the Coppermine article, since it found a few uploaded scripts.