I ran a Cerber Security malware scan on my website and it identified five instances of suspicious code in ARI Fancy Lightbox library files (none in any other code). All are as they came in the ari-fancy-lightbox.zip install file. Should I be concerned about this? Do any of them make it susceptible to malware?

This is what it had to say:

class-filter.php
Line 11: $filterMethod(
A variable function call. Usually is used to hinder malware detection. (VARF)

class-crypt.php
Line 39: base64_decode
May be used to obfuscate and hinder detection of malicious code. Pairing with eval function indicates malicious code.

github-checker.php
Line 273: wp_remote_get
Load external data from any web server. May be used to load malicious code from an external source.

Line 314: base64_decode
May be used to obfuscate and hinder detection of malicious code. Pairing with eval function indicates malicious code.

class-helper.php
Line 21: `PINNERJOIN`
Execute arbitrary command on the web server (BCTK)

Thanks.

Hello,

The plugin doesn't contain any malware code. It seems your tool can't analyze code for really harmful code. It only find some strings occurence and mark them as potentially dangerous code, but this code can also be absolutely valid. Our plugin are open source and you can check all warnings and make sure they are not dangerous code.

Regards,
ARI Soft

Okay, thanks. I didn't mean to imply that there is malware in the plugin, I just thought I should check.