Yet another new WordPress Security Issue: CryptoPHP (Nulled Scripts)

Reading Time: 2 minutes


A Scandinavian technology company, Fox IT, was one of the first discovers of a new threat to PHP based programs (such as WordPress, Drupal, Joomla, etc. )

The Fox IT CryptoPHP white paper is quite technical but we will summarize the issue for you here.

It is about something termed ‘Nulled Scripts’ and given another label too, CryptoPHP. This is perhaps a new term to most of our customers.

So what exactly are these so-called Nulled Scripts?

Nulled scripts are scraps of PHP code, which can be found on free or otherwise non-approved WordPress plugin sites or even in WordPress theme archives; which have had their copy-protection removed.

Various *pro* plugins and themes come with a serial number, or key, which enables paid features or provides access to download free upgrades.

Nulled scripts have such protections removed (so that it is become ‘free’).

There are many websites that are offering these nulled-scripts and also nulled WordPress plugins and theme installers.

They shouldn’t be used because of the following problem:

CryptoPHP explained

The programmers who published the white paper have witnessed a drastic increase in the availability of nulled/corrupted scripts.