The Support Forums will be in read-only mode for a scheduled maintenance window on 01 September 2016 14:00 UTC - 20:00 UTC. More information.

Site Hacked by using "Lost Password" (2 posts)

  1. gariben
    Posted 7 years ago #

    Sites are running on 2.7 with only some of the popular plugins all updated.

    I even changed the wordpress prefix table.

    Today..some of my sites were hacked by using the "Forgot Password" function. I received the notification by email.. when I checked the sites were hacked.

    I then deleted everything and changed the login password via phpmyadmin.

    How was it hacked (in general?) Was it done via RFI? code injection, etc.?

    I had a totally different wordpress prefix, install "Login Locked down" plugin.

    Anything else I should do to prevent this in the future?


  2. roxyghost
    Posted 7 years ago #

    I too would like answers about this, I've got a developer looking through the logs but this really does look like something which needs some work.

    What add ons did you have installed? From what we can see the hackers got in via the forgot password - don't know exactly how - and then used the theme manager to upload the new files.

    Would like some answers!

Topic Closed

This topic has been closed to new replies.

About this Topic