Title: nav_menu.php hack on freshinstall
Last modified: August 31, 2016

---

# nav_menu.php hack on freshinstall

 *  [cbach](https://wordpress.org/support/users/cbach/)
 * (@cbach)
 * [9 years, 11 months ago](https://wordpress.org/support/topic/nav_menuphp-hack-on-freshinstall/)
 * Hi,
 * I have read all I could find on Google and on these forums. And I understand 
   that the security issue with the core file nav_menu.php is a problem caused by
   insecure plugins in most cases.
 * I’ve just made a fresh install of WordPress (ver. 4.5.2), first plugin I installed
   was Wordfence Premium.
 * The site is on a non www url, but still visible to the world, and not linked 
   anywhere. Still in under 48 hours the WordPress installation has a hacked nav_menu.
   php file.
 * I going crazy over this, please if anyone has tips and tricks, let me know.
 * The site is hosted at Siteground on sharedhosting, but afaik it should be a decent
   hosting provider.
 * Plugins installed in WordPress:
    Akismet (Not active) Breadcrumb NavXT (Active)
   Hello Dolly (Not active) Popup Maker (Active) TemplatesNext ToolKit (Active) 
   Wordfence Security (Active) WPForms (Active)
 * Theme: i-excel Version: 1.1.9
    Everything is updated.

The topic ‘nav_menu.php hack on freshinstall’ is closed to new replies.

 * 0 replies
 * 1 participant
 * Last reply from: [cbach](https://wordpress.org/support/users/cbach/)
 * Last activity: [9 years, 11 months ago](https://wordpress.org/support/topic/nav_menuphp-hack-on-freshinstall/)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics