Skip Navigation
Buy Now

Home Toolset Professional Support [Resolved] defender marks submit as suspicious

[Resolved] defender marks submit as suspicious

This thread is resolved. Here is a description of the problem and solution.

Problem:

The customer reported that since September 6, their security software marked the submit.php file from Toolset as suspicious, along with other files from various Toolset plugins. This issue affected all their sites using Toolset plugins, leading to concerns about potential security risks.

Solution:

We conducted a review of the flagged files and found no malicious content but recommended that the customer manually replace the plugin files with fresh copies from the Toolset downloads page. After the customer reported that reinstalling the fresh copies did not resolve the issue, we confirmed it was a false positive. We contacted the WPMU team to request whitelisting of the files.

The customer was advised that they could also reach out directly to the WPMU support team for faster assistance regarding the whitelisting process. Ultimately, the WPMU team confirmed that the files were whitelisted, resolving the customer's issue.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Sun Mon Tue Wed Thu Fri Sat
- 9:00 – 12:00 9:00 – 12:00 9:00 – 12:00 9:00 – 12:00 9:00 – 12:00 -
- 13:00 – 18:00 13:00 – 18:00 13:00 – 18:00 13:00 – 18:00 13:00 – 18:00 -

Supporter timezone: America/Sao_Paulo (GMT-03:00)

Tagged: 

This topic contains 4 replies, has 2 voices.

Last updated by Mateus Getulio 4 months, 1 week ago.

Assisted by: Mateus Getulio.

Author
Posts
#2743509
#2743852

Mateus Getulio
Supporter

Languages: English (English )

Timezone: America/Sao_Paulo (GMT-03:00)

Hello,

Thank you for bringing it to our attention.

We have conducted a thorough review of the files in the report and did not find any malicious content. However, we cannot guarantee that those files on your site has not been tampered with.

To ensure the integrity of the plugin files, we suggest manually replacing the plugins with a fresh copy from the download page: https://toolset.com/account/downloads/. This can help determine if the warning is related to a genuine issue or a false positive.

If the warning persists after replacing the plugin, please let us know, and we will contact the plugin author to request a global whitelist. You may also consider reaching out to the plugin support directly, as a request from a customer might receive faster attention.

Thank you,
Mateus

#2744819

Mr. DJ

I tried installing the fresh copy, but this did not fix the problem.
The problem exists on all of our sites using the toolset plugins.

Can you provide me with a link to contact the plugin support team directly?

#2745200

Mateus Getulio
Supporter

Languages: English (English )

Timezone: America/Sao_Paulo (GMT-03:00)

Hello there,

This is a brief note to let you know that we're double-checking the code prior to submitting it for whitelisting.

We'll keep you posted.

#2745742

Mateus Getulio
Supporter

Languages: English (English )

Timezone: America/Sao_Paulo (GMT-03:00)

Hello there,

Our team double-checked it and it is indeed a false positive.

We're contacting the WPMU team to get the file added to the allowlist.

Regarding your question, if you want to reiterate this request with them I believe you can contact them using the customer support page: hidden link

Thank you, we'll keep you posted.

#2763188

Mr. DJ

WPMU DEV whitelisted the files so the issue is resolved now, thank you for the help.

Known issues and solutions

Frequently asked support questions

Support tickets archive

Get help from experienced contractors

Meet Toolset support team

Toolset Customer Support Policy

Need to tell us something about the quality of support

How to remove personal information from your database for support