Title: Upload/Insert Image Problem & Malicious Plug Ins Last modified: August 19, 2016 --- # Upload/Insert Image Problem & Malicious Plug Ins * [lawrencet](https://wordpress.org/support/users/lawrencet/) * (@lawrencet) * [17 years ago](https://wordpress.org/support/topic/uploadinsert-image-problem-amp-malicious-plug-ins/) * I recently had a problem with the Upload/Insert not working. Clicking the button would not bring up the pop up for inserting images. Instead it was bringing me to another page that was similar to the pop up, but useless. In addition my Light box gallery was not working or popping up. I also noticed there are many people complaining about the same issue. * To find the problem, I created a test.php with the code on my “Add New Post” page and through a process of elimination of different codes discovered that I had this suspicious code (script tags are eliminated): * * My test page Upload/Insert Image worked properly after I eliminated this code which was near the **header and body tag**! * Upon further investigation I found this code in every php script that had a header/ body tag. To add insult to injury, I also found the code on .html pages! * I believe this happened because I was testing various plugins. One of the plugins upon activation may have done its nasty deed. Unfortunately I don’t know which plug in it was, because I deleted all the test plugins that I did not like. * In the end I rolled back my site to a prior date and the code and problem went away. * I hope this helps the wordpress community. * Lawrence * ps. Here is a list of my current plugins: * Add to Any: Subscribe Button .9.6.4.1 Ad Rotator 1.0 Akismet 2.2.3 Calendar 2.0 Gallery Plus 1.4.1 intouch 1.1 Lightbox 2 2.8.2 Popup Image Gallery 4.2.3 RS Event 0.6.2 Sideblog WordPress Plugin 5.1 Viper’s Video Quicktags 6.1.20 WordPress Database Backup 2.2.2 WP Super Cache 0.9.3.1 Viewing 2 replies - 1 through 2 (of 2 total) * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [17 years ago](https://wordpress.org/support/topic/uploadinsert-image-problem-amp-malicious-plug-ins/#post-1055359) * If this code was injected into .html pages, it’s unlikely to have come from a plugin. More likely a server-based attack. The hacker may not even have gained entry via your site but using another, less secure, site on the same server. I’d suggest you contact your hosting provider. * Thread Starter [lawrencet](https://wordpress.org/support/users/lawrencet/) * (@lawrencet) * [17 years ago](https://wordpress.org/support/topic/uploadinsert-image-problem-amp-malicious-plug-ins/#post-1055415) * I don’t believe you are correct. The web site is on my dedicated server and only I have access to user names and passwords. Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Upload/Insert Image Problem & Malicious Plug Ins’ is closed to new replies. ## Tags * [Pop-Ups](https://wordpress.org/support/topic-tag/pop-ups/) * [Upload/Insert](https://wordpress.org/support/topic-tag/uploadinsert/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 2 replies * 2 participants * Last reply from: [lawrencet](https://wordpress.org/support/users/lawrencet/) * Last activity: [17 years ago](https://wordpress.org/support/topic/uploadinsert-image-problem-amp-malicious-plug-ins/#post-1055415) * Status: not a support question ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics