All my sites went down. Header code injected in all php files

The exact same thing happened to my site. The hosting provider is Clook, if that means anything. I wonder if they’re somehow to blame for this?

Either way, I didn’t update to the latest WP version for a long time because the web designer doesn’t work on the site any more, and the last time it updated, the theme got messed up.

Right now I was able to restore a backup, but there’s weird stuff happening to the site. I updated to latest WP now, but I think the hacked code in the header is still there.

“call_user_func_array() expects parameter 1 to be a valid callback, first array member is not a valid class name or object in….” is what’s showing on the main page. and the stuff that’s in the first line of every .php file is huge, I’m not sure what’s real and what’s not. removing it just breaks the site.

The exact same thing happened to my site. The hosting provider is Clook, if that means anything. I wonder if they’re somehow to blame for this?

One thing I would do if you lost your webmaster is get a new one and use a standard theme or buy one. I use Divi from Elegant Themes for lots of our customers. Second, host with a company that not only does routine backups but can restore them for you. Third, see if you can get ClamAV installed and run a scan on your cpanel if it is linux. If Windows hosting you have problems I cannot help with or advise on. You must keep your site up to date. Of course, don’t use mail poet as this seems to cause issues all over the forum on this subject. Best of luck.