Hi
Just had scanner warnings sent to me. Checked out and it's the same as a week ago I had already fixed. Fixed by uninstalling and reinstalling new plugin.
The error was evil and something else saying that is something hackers use to hide code. Or the text readme file was changed to lower version number.
Though I had it on high scan so thought maybe false positives...
But I was wondering why - what's happening and checked via ftp the plugin and to my surprise I found no index.html or index.php file in the different plugin named directory.
So I checked ptting (example) this direct into my web browser
http://name-of-my-site.com/wp-content/plugins/name-of-plugin/
and found some had the index.html or index.php file so white page showed.
The ones that didn't showed the full plugin content.
Then I tried
http://name-of-my-site.com/wp-content/plugins/name-of-plugin/css and other plugin content ending names and found most didn't have an index.php or html file in the css directory, thus showing all files if typed in from browser.
Should I be worried on the lack of index files in plugins?
Should I be putting in index.html in each directory of the plugin which doesn't have it - but will become a pain with every update.
Is this what the hackers are looking for? As I see search strings of the plugin directory then different names of plugins and css?
Thanks