wpconsole – adware threat | WordPress.org

Resolved bxwpdev
(@bxwpdev)

5 months, 3 weeks ago

We’ve had a site comprimised by this adware plugin. Trying to locate where it originates is problematic, but it seems to be uploaded via a ZIP file then runs some scripts to serve adware, and cache bust to ensure it gets served. WordFence was active on both sites previously, but was DEACTIVED when we found the plugin in place; not entirely sure how.

Command server for the ads appears to be https://mitccell.com/ (obviously don’t click that)

Anyone else seen this around?

Viewing 1 replies (of 1 total)

Plugin Support wfphil
(@wfphil)

5 months, 3 weeks ago

Hi @bxwpdev

Please follow our site cleaning guide below:

https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.

1 reply
2 participants
Last reply from: wfphil
Last activity: 5 months, 3 weeks ago
Status: resolved