I found some injected code for each email address I had posted on my site recently, which can be seen in the source code. Here’s an example of one of the email addresses that was added to the Email Obfuscator code:
<script>document.write(str_rot13('<n gvgyr="Pbagnpg Tenivgl Fgngvba" uers="znvygb:email@example.com">Pbagnpg Tenivgl Fgngvba</n>'));</script>
When I deactivated the Email Obfuscator plugin, the code was no longer there.
- The topic ‘Vulnerability detected, plugin was hacked’ is closed to new replies.