WordPress.org

Ready to get started?Download WordPress

Forums

Hacked: Code injected into header and footer. (2 posts)

  1. Drew Baker
    Member
    Posted 3 years ago #

    Hey Guys,
    I'm running 3.0.1 and have noticed this code right after the opening body tag:

    <block> <block> <script type="text/javascript" src="/wordpress/wp-includes/js/tinymce/plugins/paste/des.php"></script></block></block>

    It's also repeated again right before the close of the body tag.

    See my site here:
    http://www.rickanddrew.com/

    On another site (same server) this is injected into the code before the closing body tag:
    <dig> <ad><dig> <script type="text/javascript" src="/wordpress/wp-includes/js/codepress/languages/jquery.page-scroller.php"></script> </dig></ad> </dig>

    I found some base64 stuff in each theme's index.php, but the code remains. I deactivated all my plugins and then reinstalled WordPress. It's still there. I've obviously missed something.

    I'm guessing it's tied into get_header() and get_footer() somehow. Could someone point my in the direction of the files I should be looking for. This was the best I could fine online.

  2. mrmist
    Forum Janitor
    Posted 3 years ago #

Topic Closed

This topic has been closed to new replies.

About this Topic