
[Resolved] Toolset using eval() flagged as security issue by WP Defender plugin

This support ticket was created 4 years, 2 months ago. There's a good chance that you are reading advice that is now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.


This topic contains 2 replies and has 2 messages.

Last updated by Clifford 4 years, 1 month ago.

Author
Posts
#1793421
2020-09-27 Toolset eval reported by WP Defender.png

When using the WP Defender Pro plugin (hidden link), it reports a security concern due to Toolset's code using eval().

hidden link
> Caution: The eval() language construct is very dangerous because it allows execution of arbitrary PHP code. Its use thus is discouraged. If you have carefully verified that there is no other option than to use this construct, pay special attention not to pass any user provided data into it without properly validating it beforehand.

So why does eval() exist in your code? If it's absolutely necessary, I will "Ignore" it in the report's action items but thought I'd confirm with you first.

#1794163

Nigel
Supporter

Languages: English (English) Spanish (Español)

Timezone: Europe/London (GMT+00:00)

Hi Clifford

It's effectively a false-positive in this case, and eval is required.

You can read more here: https://toolset.com/toolset-requirements/#eval-usage

#1797353

tyvm