Title: functions.php got injected malicious script
Last modified: August 22, 2016

---

# functions.php got injected malicious script

 *  [p1c2d3](https://wordpress.org/support/users/postcd/)
 * (@postcd)
 * [11 years, 7 months ago](https://wordpress.org/support/topic/functionsphp-got-injected-malicious-script/)
 * in this theme functions.php file i got injected an upload form to uplad any file(
   like .php) so its malicious code. not sure how it was injected. (original theme
   is ok, but not sure if it has any hole or what)

The topic ‘functions.php got injected malicious script’ is closed to new replies.

 * ![](https://i0.wp.com/themes.svn.wordpress.org/be-berlin/0.1.2/screenshot.png)
 * Be Berlin
 * [Support Threads](https://wordpress.org/support/theme/be-berlin/)
 * [Active Topics](https://wordpress.org/support/theme/be-berlin/active/)
 * [Unresolved Topics](https://wordpress.org/support/theme/be-berlin/unresolved/)
 * [Reviews](https://wordpress.org/support/theme/be-berlin/reviews/)

 * 0 replies
 * 1 participant
 * Last reply from: [p1c2d3](https://wordpress.org/support/users/postcd/)
 * Last activity: [11 years, 7 months ago](https://wordpress.org/support/topic/functionsphp-got-injected-malicious-script/)
 * Status: not resolved