I have a couple of sites which seem to be getting the same SQL injection over and over.
First time I ran a scan and all files showed fine in wordfence. So I updated wordpress/plugins, removed my FTP account and changed the SQL password etc usual stuff.
However a week later the same thing happened every wp_posts table row a script is inject in the post_content column for every page/post on the site which trigger popups. The last one was a sub domain of pvclouds/com.
They are very light sites a blank theme brochure site with 4 additional plugins :-
Advanced Custom Fields PRO
Contact Form 7
Is there anything I can do in wordfence to help target this or stop this, it is like someone has direct access to the DB and is just injecting with a script. Not something I have come across before especially not recurring after I have applied updates etc.
- The topic ‘SQL Injection’ is closed to new replies.