Author: marcinlawrowski

Critical code_pattern Wise Chat Resolved · false_positive_documented_feature 2d ago

Slug	wise-chat
Pattern	`direct_mysqli_connect`
Kind	`builtin`
Version	`3.4`
Hit count	1
First hit	File `src/Endpoints/Ultra/index.php` Line 70 Snippet $dbWC = new mysqli($constants['DB_HOST'], $constants['DB_USER'], $constants['DB_PASSWORD'], $constants['DB_NAME']);
Explanation	plugin instantiates `new mysqli($var['host'], ...)` — a direct MySQL connection bypassing `$wpdb`. Legitimate WordPress plugins always go through `$wpdb` (which already has the connection); a raw `mysqli` connect using parsed wp-config credentials is the credential-harvesting backdoor shape.

View raw JSON

{
    "slug": "wise-chat",
    "pattern": "direct_mysqli_connect",
    "kind": "builtin",
    "version": "3.4",
    "hit_count": 1,
    "first_hit": {
        "file": "src/Endpoints/Ultra/index.php",
        "line": 70,
        "snippet": "$dbWC = new mysqli($constants['DB_HOST'], $constants['DB_USER'], $constants['DB_PASSWORD'], $constants['DB_NAME']);"
    },
    "explanation": "plugin instantiates `new mysqli($var['host'], ...)` \u2014 a direct MySQL connection bypassing `$wpdb`. Legitimate WordPress plugins always go through `$wpdb` (which already has the connection); a raw `mysqli` connect using parsed wp-config credentials is the credential-harvesting backdoor shape."
}

Plugin	Version	Installs	Last updated	Status
Wise Chat ·`wise-chat`	3.4	6k+	1mo ago	Active
Wise Analytics ·`wise-analytics`	1.1.20	40	3mo ago	Active
Wise Forms ·`wise-forms`	1.2.0	—	—	Closed

Marcin

Alerts (0)

Plugins authored (3)