Installation hacked - malicious code inserted into wp-includes/plugin.php (3 posts)

  1. netflow
    Posted 4 years ago #

    This is the code that was inserted into the plugin.php file

    This file is permed 644 and not owned by apache so I'm not sure how it got overwritten. Luckily it was fixed by re-downloading the latest.tar.gz and overwritting everything but has anyone else seen this or know where the security hole is that's allowing this file to be compromised?

    [code removed - Moderators]

  2. kmessinger
    Forum Moderator
    Posted 4 years ago #

  3. The Hack Repair Guy
    Posted 4 years ago #

    It's very possible your site may be extensively compromised. I recommend changing all related passwords as well.

    Then I recommend you make sure all is upgraded. Sadly, nowadays it's rare for hackers to not leave back door scripts in place (allowing hacker to hack your site again in future).

    You'll need to review every file on your website respectively to ensure
    none are out of place or were installed by hacker.

Topic Closed

This topic has been closed to new replies.

About this Topic