Affected file Request

Affected files
1 Evaluating Regex place numeric entities because html_entity_decode doesn't // do it for us. $str = /plugins/slogin_auth/yahoo/assets/yahoo-yos-social/lib/OpenID/Auth/Yadis/ParseHTML.php
2 Evaluating Regex s. $str = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $str); $str = /plugins/slogin_auth/yahoo/assets/yahoo-yos-social/lib/OpenID/Auth/Yadis/ParseHTML.php

Affected file
/plugins/slogin_auth/yahoo/assets/yahoo-yos-social/lib/OpenID/Auth/Yadis/ParseHTML.php
Explanation
The method preg_replace with evaluate option can execute php code. You should check if this code is part of the original file or was injected.
Snippet
place numeric entities because html_entity_decode doesn't
// do it for us.
$str = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $str);
$str = preg_replace('~&#([0-9]+);~e', 'chr(\\1)', $str);
return $

Affected file
/plugins/slogin_auth/yahoo/assets/yahoo-yos-social/lib/OpenID/Auth/Yadis/ParseHTML.php
Explanation
The method preg_replace with evaluate option can execute php code. You should check if this code is part of the original file or was injected.
Snippet
s.
$str = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $str);
$str = preg_replace('~&#([0-9]+);~e', 'chr(\\1)', $str);

return $str;
}

/**
* Strip single and double quotes off of a string, if