Malicious code found in popular Wordpress Plugin?

Question

Its part of a widely used plugin, I tried to decode it but couldnt. Its too scrambled. It doesnt look too good it has so far I found out it has these:

Function Calls gzinflate 5 base64_decode 5 strrev 10 str_rot13 5 define 1

Here is the code:

http://pastebin.com/QfBBJhZH

I would like to know to report the plugin on the wordpress community and to the authority websites.

PS I do not mention the plugins name in case this is a false accusation and this thread reaches high in SERPS and damages their reputation.

Answer 1

The decode results:

define( 'PXSG_WPRI_PASS_KEY_1', '`Ip%z/U7GVxv;efuSJRh<@JDipw(j#b9vqa)Eu9djt{nC|n+X=&^+QVz0NiisyF' );
define( 'PXSG_WPRI_PASS_KEY_2', '3"t=5h\MCOdx_l;*]qB\TksgI{winpe),b-[_"OpO]]&...(R*N*TY3Ys@Lc4Lh' );
define( 'PXSG_WPRI_PASS_KEY_3', '4*){(oK575;ns4d*1?lo0N{nD}x-X:v3"vVz7>b;QB6X(9%[&5eW3[G^JY]B)J%' );
define( 'PXSG_WPRI_PASS_KEY_4', ':-#x0U&B37}a\8\6K)YQ1/#ss3>CzBJEGB3"SvqPTCb2Fv"F!3EV-Ur=I#w0sym' );
define( 'PXSG_WPRI_PASS_KEY_5', 'SR-5]e_]^~k(BQC.a{V16EeAV*~03wAJ6|c99oEv\OWf;3GqH:5_FuLnY8!z53x' );
define( 'PXSG_WPRI_PASS_KEY_6', 's#9]%>Xja`.]G2Ab@Dt-BKgfB1,Z~bI0na!c7zMkH\@ds64\n+zwp\F/z5rr[@z' );
define( 'PXSG_WPRI_LICENSE_UNLIMITED', 'IJUlRXqWfOOGxpZOXPtu1JWgMxC92kgGszuA1dYyCKCV4AkqeTAcp4vuAkmRqa9' );
define( 'PXSG_WPRI_LICENSE_DEVELOPER', 'NMMRUG1p3kpPZLfC6rNNuQxiDp5WM8Sw8iI9Um2ZcYooGgbtFjMYovJaqTxVk8M' );
define( 'PXSG_WPRI_ADMIN_NONCE', 'Gkk0EByKA5isMfC56M3QzvnskpJeH0MVYABj1MdHUwNOGmA1Bpq6SuHngQYs90r' );
define( 'PXSG_WPRI_ADMIN_NONCE_FIELD', '_rpnonce' );
define( 'PXSG_WPRI_ADMIN_OPTIONS_NAME', 'pxsg_wpri_admin_options' );
define( 'PXSG_WPRI_ADMIN_FORM_ACTIVATION', 'activation' );
define( 'PXSG_WPRI_ADMIN_FORM_DASHBOARD', 'dashboard' );
define( 'PXSG_WPRI_ADMIN_FORM_SETTINGS', 'settings' );
define( 'PXSG_WPRI_ADMIN_FORM_LICENSE', 'license' );
define( 'PXSG_WPRI_ENABLED_YES', 'yes' );
define( 'PXSG_WPRI_ENABLED_NO', 'no' );
define( 'PXSG_WPRI_POST_META_PING', '_pxsg_wpri_ping' );
define( 'PXSG_WPRI_POST_META_PINGS', '_pxsg_wpri_pings' );
define( 'PXSG_WPRI_POST_META_LAST_PING', '_pxsg_wpri_last_ping' );
define( 'PXSG_WPRI_HASH', 'tiger192,4' );
define( 'PXSG_WPRI_PING_PENDING', 'Pending' );
define( 'PXSG_WPRI_PING_PROCESSING', 'Processing' );
define( 'PXSG_WPRI_PING_COMPLETED', 'Completed' );
define( 'PXSG_WPRI_CRON', 'pxsg_wpri_cron' );
define( 'PXSG_WPRI_TRIGGER', 'pxsg_wpri_trigger' );
define( 'PXSG_WPRI_TRIGGER_PING', '1' );
define( 'PXSG_WPRI_TRIGGER_PING_SITE', '2' );
define( 'PXSG_WPRI_POST_ID', 'post_id' );
define( 'PXSG_WPRI_LOG_DIRECTORY', 'logs' );
define( 'PXSG_WPRI_INC_DIRECTORY', 'inc' );
define( 'PXSG_WPRI_TIME_LIMIT', 0 );
define( 'PXSG_WPRI_TRIGGER_PING_TIMEOUT', 3 );
define( 'PXSG_WPRI_PING_TIMEOUT', 10 );
define( 'PXSG_WPRI_PING_PENDING_TIMEOUT', 300 );
define( 'PXSG_WPRI_PING_PROCESSING_TIMEOUT', 600 );
define( 'PXSG_WPRI_DEFAULT_LOG', 30 );
define( 'PXSG_WPRI_DEFAULT_INTERVAL', 1000000 );