Title: hacked (code injection)
Last modified: August 21, 2016

---

# hacked (code injection)

 *  [pauln60](https://wordpress.org/support/users/pauln60/)
 * (@pauln60)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/hacked-code-injection/)
 * All our WP installs have been hacked twice in the last 24 hours as per this report–
   
   [http://stackoverflow.com/questions/16948736/all-wordpress-files-are-hacked-how-to-remove-the-encoded-injection](http://stackoverflow.com/questions/16948736/all-wordpress-files-are-hacked-how-to-remove-the-encoded-injection)
 * Seems this is a current an ongoing problem – anyone looking for (or found) a 
   security fix?
 * Thanks,
    Paul N.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [esmi](https://wordpress.org/support/users/esmi/)
 * (@esmi)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/hacked-code-injection/#post-3819309)
 * There are no known security issues with WordPress 3.5.1. Your sites being hacked
   does **not** indicate that there is such a problem unless you have concrete evidence
   to the contrary. What you do need to do work your way through these resources:
   
   [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 * Anything less will probably result in the hacker walking straight back into your
   site again.
 * Additional Resources:
    [Hardening WordPress](http://codex.wordpress.org/Hardening_WordPress)
   [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/) 
   [http://www.unmaskparasites.com/](http://www.unmaskparasites.com/) [http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html](http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html)
 *  [The Hack Repair Guy](https://wordpress.org/support/users/tvcnet/)
 * (@tvcnet)
 * [12 years, 11 months ago](https://wordpress.org/support/topic/hacked-code-injection/#post-3819384)
 * Is more likely the site had been hacked previously and in that previous hack,
   hacker had installed some back door scripts. This is a common event. Never surprises
   me when I view a hacked site and find back door scripts had been installed months
   prior.
 * Security fix?
    Look for out of place scripts and likewise be sure to change “
   all” passwords related to the site (WP admins, Email passwords, FTP passwords,
   etc.).

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘hacked (code injection)’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 3 participants
 * Last reply from: [The Hack Repair Guy](https://wordpress.org/support/users/tvcnet/)
 * Last activity: [12 years, 11 months ago](https://wordpress.org/support/topic/hacked-code-injection/#post-3819384)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics