WordPress.org

Support

Support » How-To and Troubleshooting » Installation hacked – malicious code inserted into wp-includes/plugin.php

Installation hacked – malicious code inserted into wp-includes/plugin.php

  • netflow
    Member

    @netflow

    This is the code that was inserted into the plugin.php file

    This file is permed 644 and not owned by apache so I’m not sure how it got overwritten. Luckily it was fixed by re-downloading the latest.tar.gz and overwritting everything but has anyone else seen this or know where the security hole is that’s allowing this file to be compromised?

    [code removed – Moderators]

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Installation hacked – malicious code inserted into wp-includes/plugin.php’ is closed to new replies.