Support
Support » Fixing WordPress » Globalwat script inside footer.php after upgrade
(@mdojobm)
14 years ago
I recently did an automatic upgrade on three blogs to version 2.9.2 and noticed, after a few days, that a script with a function called globalwat was injected in the footer.php files of my themes. Any ideas on what is this script?
(@rvoodoo)
could we get a link of the site with the problem to look at the source?
I removed the script from the blogs — here’s a copy:
[Mod Note – Script removed. Best not to propergate.]
that looks a lot like a hack to me:
http://codex.wordpress.org/FAQ_My_site_was_hacked http://ocaoimh.ie/did-your-wordpress-site-get-hacked/ http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/ http://www.snipe.net/2010/01/when-wordpress-gets-hacked/
My Experiences with being hacked: http://www.rvoodoo.com/2010/02/the-dreaded-base64-wordpress-hack-and-other-hacks-too/
And when you’re done: http://codex.wordpress.org/Hardening_WordPress