Each finding contains detailed information to help you understand the threat and take appropriate action.
Accessing Finding Details #
From Findings List #
1. Go to Content Guard Pro → Findings
2. Click on any finding row to expand details
3. Or click View Details link
From Dashboard Widget #
1. See finding summary in the dashboard widget
2. Click a finding to go directly to its details
From Admin Bar #
1. Click the Content Guard Pro icon in admin bar
2. Select a finding from the dropdown
3. Opens the findings page with that item highlighted
Finding Information Fields #
Basic Information #
| Field | Description |
| ——- | ————- |
| ID | Unique identifier for the finding |
| Status | Open, Quarantined, Ignored, or Resolved |
| Severity | Critical, Suspicious, or Review |
| Confidence | Score from 0-100 |
| First Seen | When the issue was first detected |
| Last Seen | Most recent detection of this issue |
Location Information #
| Field | Description |
| ——- | ————- |
| Object Type | Post, Postmeta, or Option |
| Object ID | Post ID or option record |
| Field | Specific field (post_content, meta_value, etc.) |
| Position | Character position in content (when available) |
Detection Information #
| Field | Description |
| ——- | ————- |
| Rule ID | Internal identifier for the detection rule |
| Category | Type of threat (external_resources, seo_spam, etc.) |
| Matched Text | The specific content that triggered detection |
| Domain | Extracted domain (for URL-based findings) |
Additional Data #
| Field | Description |
| ——- | ————- |
| Fingerprint | Unique hash for deduplication |
| Reputation | Results from Safe Browsing/PhishTank |
| Extra Data | Additional context (tag type, handler name, etc.) |
Matched Content Preview #
What You See #
The finding shows a sanitized excerpt of the matched content. For example, if an external script was detected, you might see:
Matched: [script tag pointing to external-domain.com/file.js]
The actual content is escaped/sanitized so it doesn’t execute in your browser.
Viewing Full Context #
For more context:
1. Click View in Editor to open the post editor
2. Or click View Raw to see surrounding content
3. The matched content is highlighted in the editor
Security Note #
Matched content is sanitized for display. The actual malicious code isn’t executed in your browser when viewing findings.
Understanding Detection Details #
Rule ID Format #
Rule IDs indicate what was detected:
| Rule ID | Meaning |
| ——— | ——— |
ext_script_non_allowlist |
External script not on allowlist |
ext_iframe_non_allowlist |
External iframe not on allowlist |
url_shortener |
URL shortener detected |
hidden_external_link |
Hidden element with external link |
obfuscation_js |
JavaScript obfuscation |
obfuscation_base64_data_url |
Base64 data URL |
seo_spam_pharma |
Pharmaceutical spam keywords |
seo_spam_gambling |
Gambling spam keywords |
inline_event_handler |
Inline JS event handler |
document_write |
document.write() call |
javascript_uri |
javascript: URI in link |
php_dangerous_function |
Dangerous PHP function |
crypto_miner |
Cryptocurrency miner detected |
svg_embedded_script |
Script inside SVG |
meta_refresh_redirect |
Meta refresh redirect |
js_redirect |
JavaScript redirect |
anomalous_link_profile |
Unusual link ratio |
Category Meanings #
| Category | Type of Threat |
| ———- | ————— |
external_resources |
Scripts, iframes, embeds from external domains |
suspicious_urls |
Shorteners, tracking URLs |
hidden_content |
CSS-hidden malicious content |
obfuscation |
Encoded or disguised code |
seo_spam |
Keyword spam injection |
javascript_injection |
XSS and JS attacks |
code_injection |
PHP/server-side code |
cryptojacking |
Browser mining scripts |
redirects |
Unauthorized redirects |
link_analysis |
Suspicious link patterns |
Taking Action #
From the finding details, you can:
Quick Actions #
- Quarantine – Neutralize the content
- Ignore – Mark as false positive
- Edit Post – Open in WordPress editor
- Re-scan – Check if issue persists
Bulk Actions #
Select multiple findings to:
- Quarantine all selected
- Ignore all selected
- Re-scan all selected
Finding History #
Each finding tracks:
- When first detected
- When last seen (updated each scan)
- Status changes (with timestamps)
- Which user took actions
Access history by clicking View History in finding details.
Exporting Finding Details #
Export findings for external review:
1. Select findings (or select all)
2. Click Export
3. Choose CSV or JSON format
4. Download includes all finding details
