We run several sites through wordpress.
One day we received a mail through google webmaster tools for one of my website infonary.com, that it was hacked and may have been compromised.
On checking the code we found this
[Code moderated. Please do not post hack code blocks in the forums. Please use the pastebin]
This is some code that sends user visitor data to some website. This is very dangerous because it has a very low footprint and it very difficult to detect automatically.
On Checking our other websites we found this code on almost all websites and usually affects index.php (everywhere) and theme files.
One way that I think this code affected my websites was to make my rss feeds stop working through curl.
Please request all of you running wordpress to kindly check your websites and please let others know about this.
Thanks and Regards
- The topic ‘Malicious Code injecion on WordPress. Affects quite a few.’ is closed to new replies.