ByteDefense Security

bytedefense · by lanechristian891 · wordpress.org ↗ · SVN ↗
This plugin is closed on wordpress.org. Closed 2025-10-24. Reason: guideline-violation.
Active installs
Current version
2.1
Added
2025-04-06
Last updated
First seen by beacon
2mo ago
Total downloads

Audits (1)

Malicious Audit #44 baseline → head 2.1 suspect lanechristian891 17d ago

A SiteGuarding security-branded front, surfaced by the clean-on-closure hunt. Unlike the documented closures that left malware in trunk, WP.org's plugin-master force-pushed a "Removing" commit at closure that stripped the payload file core/scan_sigs_db.dat.

Read full audit →

Alerts (0)

No open alerts.

Show 1 resolved alert
Medium recent_prt_intervention Resolved · audited_malicious 2026-06-15 03:09:43 (17d ago)
Slugbytedefense
Committerlanechristian891
First commit at2025-04-06 06:52:41
Active installs0
Prt committerplugin-master
Clean commit at2025-11-05 01:45:19
Strippedcore/scan_sigs_db.dat
Payloadweb-reachable scan.php include() of disguised PHP .dat
ExplanationClosed-on-clean SiteGuarding burner: wp.org PRT (plugin-master) force-pushed a cleaning commit at closure that stripped the backdoor payload (core/scan_sigs_db.dat). Pre-clean trunk ships a SiteGuarding backdoor dropper. Found via clean-on-closure hunt 2026-06-14.
View raw JSON
{
    "slug": "bytedefense",
    "committer": "lanechristian891",
    "first_commit_at": "2025-04-06 06:52:41",
    "active_installs": 0,
    "prt_committer": "plugin-master",
    "clean_commit_at": "2025-11-05 01:45:19",
    "stripped": "core/scan_sigs_db.dat",
    "payload": "web-reachable scan.php include() of disguised PHP .dat",
    "explanation": "Closed-on-clean SiteGuarding burner: wp.org PRT (plugin-master) force-pushed a cleaning commit at closure that stripped the backdoor payload (core/scan_sigs_db.dat). Pre-clean trunk ships a SiteGuarding backdoor dropper. Found via clean-on-closure hunt 2026-06-14."
}

SVN committers (2)

Accounts with actual commit access to bytedefense on plugins.svn.wordpress.org, reconstructed from svn log. This is the list that matters for ownership changes — not the readme contributors.

Committer Member since Commits First commit Latest commit
ByteDefense Young account 2025-03-22 12 2025-04-09 · r3269859 2025-10-30 · r3387253
plugin-master 2007-03-09 2 2025-04-06 · r3267391 2025-11-05 · r3390098

Readme contributors (1)

Names the plugin's readme declares as contributors. A soft signal — anyone can be listed. The SVN access column is the ground-truth cross-reference: does this contributor actually commit code?

Contributor Member since SVN access Status
ByteDefense 2025-03-22 12 commits Active

Versions (3 most recent)

Version Released Download
2.1 2025-11-05 · 7mo ago
1.0.3 2025-11-05 · 7mo ago
2.0.1 2025-11-05 · 7mo ago