This is the code that was inserted into the plugin.php file
This file is permed 644 and not owned by apache so I’m not sure how it got overwritten. Luckily it was fixed by re-downloading the latest.tar.gz and overwritting everything but has anyone else seen this or know where the security hole is that’s allowing this file to be compromised?
[code removed – Moderators]
- The topic ‘Installation hacked – malicious code inserted into wp-includes/plugin.php’ is closed to new replies.