Title: sneedderek's Replies | WordPress.org --- # sneedderek [ ](https://wordpress.org/support/users/sneedderek/) * [Profile](https://wordpress.org/support/users/sneedderek/) * [Topics Started](https://wordpress.org/support/users/sneedderek/topics/) * [Replies Created](https://wordpress.org/support/users/sneedderek/replies/) * [Reviews Written](https://wordpress.org/support/users/sneedderek/reviews/) * [Topics Replied To](https://wordpress.org/support/users/sneedderek/replied-to/) * [Engagements](https://wordpress.org/support/users/sneedderek/engagements/) * [Favorites](https://wordpress.org/support/users/sneedderek/favorites/) Search replies: ## Forum Replies Created Viewing 5 replies - 1 through 5 (of 5 total) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WP Job Manager] "Author" meta box for the Custom Post Type](https://wordpress.org/support/topic/author-meta-box-for-the-custom-post-type/) * Thread Starter [sneedderek](https://wordpress.org/support/users/sneedderek/) * (@sneedderek) * [12 years, 7 months ago](https://wordpress.org/support/topic/author-meta-box-for-the-custom-post-type/#post-4210479) * All good. Awesome plugin, thanks! * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Weird Database Error](https://wordpress.org/support/topic/weird-database-error-2-2/) * [sneedderek](https://wordpress.org/support/users/sneedderek/) * (@sneedderek) * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953684) * [@michael](https://wordpress.org/support/users/michael/).mariart I guess I needed to be more specific……. I didn’t mean for anyone to understand that the malware was “added by a plugin or theme” ……. with our issue, the malware was located in a plugin & theme we had. Like you said, these files were “modified” by the hack. This is why I used the word “injection”… of which implies this happened in a server environment. * [@spnweb](https://wordpress.org/support/users/spnweb/) Awesome. Congrats on resolving your issue! * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Weird Database Error](https://wordpress.org/support/topic/weird-database-error-2-2/) * [sneedderek](https://wordpress.org/support/users/sneedderek/) * (@sneedderek) * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953656) * Yep…. hackers often use encoded Unescape when hacking and inserting links. That’s what happened to me. * There are or at least used to be some legit reasons to encode like this, for example to hide a email address from spam bots. But more than likely that’s not the case here. * There are some decoder tools out there, I don’t know of any to recommend as I haven’t used one in years. But trusty Google will help. * I know it’s a pain, but I would start by deactivating plugin’s one-by-one, checking each time if this encoded script still appears. That’s the easiest 1st step to find the culprit. * Then go from there if you don’t find it in plugins. I’ve had injections in the past show up in Header and Footer php files. It could be anywhere really. If you have an awesome web host, they may help you too as they don’t want that stuff spreading ;). * Good luck! * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Weird Database Error](https://wordpress.org/support/topic/weird-database-error-2-2/) * [sneedderek](https://wordpress.org/support/users/sneedderek/) * (@sneedderek) * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953644) * This was a hack… an injection of code (aka malware.) And yes, it was a plugin that caused it. That’s what I get for testing unofficially released plugins not in the WordPress.org repo yet. * This is a reliable and quick way to check for malware [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/) and has been mentioned many times around here. (I have no affiliation) * Or visit your site and do a “view source”… look around, most likely in the HEAD section for some encoded html or javascript or any scripts that call an outside domain you’re not familiar with. * Once you’ve verified something isn’t looking right, disable any plugins you think may not be legitimate, refresh your site and see if the malware strings are still present. If they are, then the code may have been injected into your theme or WordPress install. I won’t rewrite the wheel here, so just check those links above for more info on how to troubleshoot and solve. * Get it solved quick though! Google will eventually blacklist your site, and it sometimes takes awhile for that lift to come off after cleaning the injection. * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Weird Database Error](https://wordpress.org/support/topic/weird-database-error-2-2/) * [sneedderek](https://wordpress.org/support/users/sneedderek/) * (@sneedderek) * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953606) * I’m pretty sure [@spnweb](https://wordpress.org/support/users/spnweb/) meant he couldn’t find anything on ‘jimbob_jc’ specifically, not so much about WordPress getting hacked in general. * I had the same error show up on my front-end…. * I found that my Facebook Page “Like Box” social plugin was the cause. When I disabled it, the error didn’t show up anymore. * I’m not guaranteeing this to be the cause or solution, as I just barely found out and hadn’t had too much time to troubleshoot, but it seems to be working for me. I’ll try to let you know if I can get the “Like Box” back without the error. Viewing 5 replies - 1 through 5 (of 5 total)