Support » Fixing WordPress » User menu from admin dashboard is lost

  • I was hacked recently with the injection of garbage code into version.php. I followed instructions and cleared that problem.

    However I also lost the USER menu from my dashboard so I cannot get in to change my password or add other users, this may or may not be part of the same hack.

    Any suggestions please?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Jerry Bates (jerrysarcastic)


    Documentation Master

    What did you do to clean up the attack? Did you make any changes to the core files of WordPress (i.e., files that are located OUTSIDE of the “wp-content” folder) or to the mySQL database?

    Hi Jerry
    I FTPd a new version of the hacked file ‘version.php’, loaded a back-up copy of the database via Cpanel that was saved last month (clean? I hope), and re-updated my WP even tho I was already at 3.4.1

    These were tried in sequence, I checked the user menu once I had the admin login back as I wanted to change p/w and see if there was a new user. With no USER menu I’ve changed p/w via phpMyAdmin and there isn’t an extra user!

    Thanks for the support.

    Jerry Bates (jerrysarcastic)


    Documentation Master

    Are you sure your site is clean? I.E., have you tested it for malware since the changes you made? You can scan it for free here:

    Your mySQL backup is probably fine, since it was from so long ago, but just replacing a few files may not be enough to clean your site. Many exploits will add code all over your WP files, including “backdoors” so they can hack you again if you clean your site without getting ABSOLUTELY EVERYTHING that is from the hack removed.

    I’d also check your themes and plugins (located in /wp-content) as this is where a lot of hackers stash their code.

    Just scanned the site with and it is reported clean (all green!)

    The site is if that’s useful.

    Are you suggesting I delete all the wp files on the server and re-install wp to remove all possible back-doors?

    If I check all themes and plugins, what exactly am I looking for? I’m not a techie, I’m a self-taught WP user with no coding experience! Playing with html, and css to a lesser degree, isn’t frightening, but I don’t have any experience with PHP.

    Can you recommend security plugins to minimize risks of being hacked again. I currently have :
    Better WP security
    Front end users
    Limit login attempts (which has caught a number of attempts to login as admin)

    Login security solution
    User role editor

    Thanks again for the support

    Jerry Bates (jerrysarcastic)


    Documentation Master

    Well, to tell you what to look for would take more room than this forum will allow. The short answer is that you:

    1. Replace all your WordPress files and folders with ones from a fresh (clean) download from, except wp-config.php and the wp-content folder and what’s inside it.
    2. Download new copies of all the plugins you had installed originally, and replace all the once located in wp-content/plugins with new (and clean) versions that you have downloaded
    3. In wp-content/themes replace the default themes (Twenty Ten and Twenty Eleven, typically) with fresh copies that you got from your original clean download from
    4. If you are using a different theme than default, download and replace it with a clean copy from the original theme author (being careful to save any changes you may have made to the css or PHP if you modified it from the original)
    5. Either upload a clean backup of the database (or scan the hacked database for any suspicious content that needs to be deleted before uploading)
    6. Hope it all works out
    7. Crack open a beer (if yes)

    Here’s a good place to start reading:

    Another good article that walks through the technical bits in more detail:

    Thank you again! This is a more-than-1-beer solution, so I’d better get to work. The advice and references are much appreciated

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘User menu from admin dashboard is lost’ is closed to new replies.