ImunifyAV malware alert SMW-INJ-27295-js.spam-5

Since 26 September 2024, ImunifyAV may trigger a malware warning, although the files are malware-free. Most likely, the polyfill.io domain or the polyfill.js script are causing a false-positive.

Think your website is infected?
Try our Free site check.

A false positive malware detection occurs when ImunifyAV, Wordfence or any other security software incorrectly identifies a legitimate file or program as malware. This happens when the software mistakenly flags safe files based on certain characteristics, like unusual code patterns, that resemble actual malware.

How to bypass the malware detection? – Find and replace “polyfill.io/v2/polyfill.js” with “cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.43/polyfill.min.js”.

Code sample:

wp_enqueue_script('amelia_polyfill', 'https://polyfill.io/v2/polyfill.js?features=Intl.~locale.en');

ImunifyAV ver. 7.16.1
SMW-INJ-27295-js.spam-5

If you’ve recently noticed suspicious alerts and looking for a thorough security review, we can help.

Our skilled malware analysts are available 24/7 to fix hacked WordPress websites and clean up malware – reach out to us if you need help.

Hacked website?
Try our Free site check.

A security analyst will perform a free thorough external site check within the next minutes.

Resources:
https://wordpress.org/support/topic/photonics-polyfill-js-detected-as-malware/