IOC catalog
Kind:
All
code_pattern (84)
domain (25)
filename (18)
url (17)
changelog_phrase (7)
url_path (3)
file_hash (2)
hash (1)
| Kind | Value | Confidence | Source audit | First seen |
|---|---|---|---|---|
code_pattern |
sgAntiBot |
high | Audit #48 (seo-pack) | 17d ago |
code_pattern |
$json['tools'] |
medium | Audit #48 (seo-pack) | 17d ago |
code_pattern |
FD5503D3B128 |
high | Audit #45 (cls-lcp-issues-fix) | 17d ago |
code_pattern |
plggcwvf_PatchWPConfig_file |
medium | Audit #45 (cls-lcp-issues-fix) | 17d ago |
code_pattern |
A8E15CA27213 |
high | Audit #46 (code-quality-control-tool) | 17d ago |
code_pattern |
Patch_WPconfig_file |
medium | Audit #46 (code-quality-control-tool) | 17d ago |
code_pattern |
aibd_siteguarding_api_key |
high | Audit #47 (magex-ai-bot-defender) | 17d ago |
code_pattern |
plg_EYS7S_activation |
high | Audit #43 (wp-plugin-management) | 17d ago |
code_pattern |
$siteguarding_tool_code |
high | Audit #43 (wp-plugin-management) | 17d ago |
code_pattern |
svitevguardvinvgv |
high | Audit #44 (bytedefense) | 17d ago |
code_pattern |
SITEGUARDING_SPEEDUP |
high | Audit #42 (speedup-optimization) | 17d ago |
code_pattern |
speedup01_CopyTools |
high | Audit #42 (speedup-optimization) | 17d ago |
code_pattern |
15.235.110.95 |
high | — | 1mo ago |
code_pattern |
}=base64_decode |
medium | — | 1mo ago |
code_pattern |
}=${$_COOKIE |
medium | — | 1mo ago |
code_pattern |
rtrim(ABSPATH,'/').base64_decode |
high | — | 1mo ago |
code_pattern |
eval (base64_decode ($_COOKIE |
medium | — | 1mo ago |
code_pattern |
Task_savefile |
medium | Audit #28 (wp-antivirus-site-protection) | 2mo ago |
code_pattern |
CMSPlughubAPI_LicenseValidator |
high | Audit #26 (image-optimizer-x) | 2mo ago |
code_pattern |
rsa_private_key_primary |
medium | Audit #26 (image-optimizer-x) | 2mo ago |
code_pattern |
rsa_private_key_secondary |
medium | Audit #26 (image-optimizer-x) | 2mo ago |
code_pattern |
updateGeoDatabase |
medium | Audit #26 (image-optimizer-x) | 2mo ago |
code_pattern |
NS2.SITEGUARDING.COM |
high | Audit #26 (image-optimizer-x) | 2mo ago |
code_pattern |
SITEGUARDING_SERVER_IP1 |
high | Audit #28 (wp-antivirus-site-protection) | 2mo ago |
code_pattern |
SITEGUARDING_SERVER_IP2 |
high | Audit #28 (wp-antivirus-site-protection) | 2mo ago |
code_pattern |
$_GET['task'] == 'view_file' |
high | Audit #28 (wp-antivirus-site-protection) | 2mo ago |
code_pattern |
$_GET['task'] == 'remove_malware_files' |
high | Audit #28 (wp-antivirus-site-protection) | 2mo ago |
code_pattern |
ADVREC_TARGET_PLUGIN |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
ADVREC_AdverPluginRecommendation |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
SITEGUARDING_SERVER |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
siteguarding_tool_code |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
$allowed_IPs |
medium | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
185.72.157.169 |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
185.72.157.170 |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
185.72.157.171 |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
185.72.157.172 |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
Task_includefile |
medium | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
NS1.SITEGUARDING.COM |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
198.7.59.167 |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
198.7.59.168 |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
Task_deletefile |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
Task_copyfile |
high | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
Validate_Path( |
medium | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
'latest_md5' |
medium | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
'latest_ver' |
medium | Audit #25 (wp-advanced-math-captcha) | 2mo ago |
code_pattern |
198.7.59.167 |
high | Audit #26 (image-optimizer-x) | 2mo ago |
code_pattern |
198.7.59.150 |
medium | Audit #26 (image-optimizer-x) | 2mo ago |
code_pattern |
PluginGuest |
high | Audit #19 (blaze-widget) | 2mo ago |
code_pattern |
passwordz |
high | Audit #19 (blaze-widget) | 2mo ago |
code_pattern |
zbvalidate_file |
high | Audit #19 (blaze-widget) | 2mo ago |
code_pattern |
getWPUsers |
high | Audit #19 (blaze-widget) | 2mo ago |
code_pattern |
get_woocommerce_user_count |
high | Audit #19 (blaze-widget) | 2mo ago |
code_pattern |
PRT_incidence_response_230624 |
medium | Audit #19 (blaze-widget) | 2mo ago |
code_pattern |
eval("
|
medium | Audit #19 (blaze-widget) | 2mo ago |
code_pattern |
gouldbenjamin135@gmail.com |
high | Audit #12 (scroll-top) | 2mo ago |
code_pattern |
pachamama |
high | — | 2mo ago |
code_pattern |
custom_notify_plugin_updated |
high | — | 2mo ago |
code_pattern |
check_cms_configuration_files |
high | — | 2mo ago |
code_pattern |
find_wp_configs_recursive |
high | — | 2mo ago |
code_pattern |
filter_the_content_in_the_main_loop |
high | Audit #13 (quick-pagepost-redirect-plugin) | 2mo ago |
code_pattern |
Puc_v4p10_Factory::buildUpdateChecker |
high | Audit #13 (quick-pagepost-redirect-plugin) | 2mo ago |
code_pattern |
w.anadnet.com/bro/3/ |
high | Audit #13 (quick-pagepost-redirect-plugin) | 2mo ago |
code_pattern |
cdnstaticsync |
high | Audit #12 (scroll-top) | 2mo ago |
code_pattern |
/bro/3/ |
high | Audit #12 (scroll-top) | 2mo ago |
code_pattern |
?gimme=updates |
high | Audit #12 (scroll-top) | 2mo ago |
code_pattern |
milkitall |
high | Audit #12 (scroll-top) | 2mo ago |
code_pattern |
tombenj |
medium | Audit #12 (scroll-top) | 2mo ago |
code_pattern |
eth_getCode |
high | — | 2mo ago |
code_pattern |
Wpos_Anylc_Admin |
high | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
wpos_rest_api_init |
high | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
wpos_handle_analytics_request |
high | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
wpos_get_plugin_version_by_file |
high | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
wpos_process_monthly_data |
high | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
maybe_unserialize(wp_remote_retrieve_body |
medium | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
eth_call |
high | — | 2mo ago |
code_pattern |
eth_getStorageAt |
high | — | 2mo ago |
code_pattern |
WORDPRESS_PLUGIN_WGL_BASE_URL |
high | Audit #10 (widget-logic) | 2mo ago |
code_pattern |
widget-logic_live_match_widget |
high | Audit #10 (widget-logic) | 2mo ago |
code_pattern |
widget_logic_getServiceVersion |
high | Audit #10 (widget-logic) | 2mo ago |
code_pattern |
live_match_widget |
medium | Audit #10 (widget-logic) | 2mo ago |
code_pattern |
$analytics_endpoint |
high | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
wpos_monthly_cron_hook |
high | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
Plugin Wpos Analytics Data Starts |
high | Audit #4 (countdown-timer-ultimate) | 2mo ago |
code_pattern |
fetch_ver_info |
medium | Audit #4 (countdown-timer-ultimate) | 2mo ago |