Composer · packagist.org
immonex/wp-free-plugin-core
Php Base64 Eval Chain: base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload.
Why PkgRadar flagged 2.13.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · immonex-wp-free-plugin-core-417985c/src/DEV_9/class-plugin-cache.php |
| high | Php Base64 Eval Chain | base64/gz/hex decode combined with eval/exec/backticks — classic PHP obfuscated payload. · immonex-wp-free-plugin-core-417985c/src/V2_13_0/class-plugin-cache.php |
| high | Php Backtick With Decode | Backtick shell-out combined with base64/hex decode. · immonex-wp-free-plugin-core-417985c/src/DEV_9/class-plugin-cache.php |
| high | Php Backtick With Decode | Backtick shell-out combined with base64/hex decode. · immonex-wp-free-plugin-core-417985c/src/V2_13_0/class-plugin-cache.php |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.13.0 | Review | 30 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem composer immonex/[email protected]