My bet is that when you replaced WordPress core files, you missed one or two.
Get a fresh copy of WordPress from wordpress.org, unzip locally, and upload via FTP.
i’ve just tried that again too, I’m still getting the same message 🙁
add_filter is a core function defined in wp-includes/plugin.php. Is that file there and readable?
Yes that one is there and readable
Let’s back up a bit. How did you fix the hack?
My website host ran a scan and emailed me all the files that I needed to delete, they then told me to install a fresh wordpress file from the wordpress website and change passwords, I did this, and now it has lead me to here.
Sorry, I also had to re upload the theme files, after they did the scan. There was nothing wrong and I was able to log in, until I installed a newer version of wordpress.
until I installed a newer version of wordpress.
so you were on a version of WP earlier than 4.6 and it worked, then you upgraded and it broke?
I’m guessing that’s what happened..
Please provide a link to your site! Thanks.
What files did the host tell you to delete?
Did you replace *all* wordpress files with the ones you downloaded?
As far am i’m aware, I replaced all files.
Please see list below of files that I was told to.
./clickandbuilds/ballybolina/wp-content/plugins/LayerSlider/demos/functions.php
./clickandbuilds/ballybolina/wp-content/plugins/js_composer/config/start13.php
./clickandbuilds/ballybolina/wp-content/plugins/js_composer/include/templates/shortcodes/vc_tabs.php
./clickandbuilds/ballybolina/wp-content/plugins/forms-contact/hugeit_contact_function/alias.php
./clickandbuilds/ballybolina/wp-content/plugins/ninja-forms/deprecated/classes/step-processing.php
./clickandbuilds/ballybolina/wp-content/plugins/ninja-forms/includes/Config/Example.php
./clickandbuilds/ballybolina/wp-content/themes/nouveau-2/phpini.php
./clickandbuilds/ballybolina/wp-includes/Requests/Exception/HTTP/press.php
./clickandbuilds/ballybolina/wp-includes/images/wlw/sql.php
./clickandbuilds/ballybolina/wp-includes/js/mediaelement/dir11.php
./clickandbuilds/ballybolina/wp-includes/js/jquery/ui/article11.php
./clickandbuilds/ballybolina/dashboard.php
In this position, I think treating this site as still hacked is the way to go.
- make a list of all plugins
- delete everything in wp-content/plugins and wp-content/themes, /wp-admin and wp-includes — do not touch wp-content/uploads
- delete all .php files in the doucment root except wp-config.php
- (check that file to make sure it doesn’t have “odd” stuff in it
- re-upload wordpress via FTP
- login and reinstall all your plugins and your theme (from a clean source)
Carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.
[edit: fixed directory name mistakes]
That is super odd.
That function is created in the plugin.php
file which is called from the wp-settings
file as seen in line 23 ( https://core.trac.wordpress.org/browser/tags/4.6/src/wp-settings.php#L23 )
I’m guessing you can’t login either?
How did you re-install WordPress?