Random Casino Link has Appeared on my wordpress site

And I’ve also put this in the wrong section. If anybody could help that would be awesome, If not please could you delete this and I’ll post it in the correct section.

You can edit your currently active wordpress theme and remove the link that appeared there. Also, make sure you set the appropriate read-only permissions.

What is the url of your site?

This link appeared on the top of my page as well. I’ve looked in my wordpress sql database for that link, any modified files in the ftp space with no trance of any modified files. I’m thinking that a plugin installed may have some code which generates that link so it is untraceable. I’ve searched in google and there are many other wordpress sites which have the same link in their footer. This is really irritating and maybe it is a wordpress security hole…

Ok guys it was a plugin afterall that caused these spam links. It’s the G Translate plugin from benjilof . Delete it and you’ll be fine. It activated the spam links in all my wordpress sites. Please confirm this. Thanks

Where did you download this plugin from?

i got the same link but i dont have the G Translate plugin from benjilof installed?/
how can i find the problem [email redacted] issue on peterpohls.com

When you say plugin do you mean a WordPress plugin or browser?

This is usually caused by browser plugins and they aren’t obvious for removal either.

yes wordpress plugin, i dont think is my browser, or computer, since the problem happen in a new laptop too!!and i know about computers and there are fairly clean. it hapens randomly when NOT login!
im trying to pinpoint the corrupted file

see pic

https://peterpohls.com/1/hacked.png see the problem left upper corner

thx

peterpohis could you give us a list of all the plugins you have in your blog, while the link is still there please? Unless you know without a doubt which one is causing it. I wouldn’t mind installing it and considering the security that could get around this.

We can probably rule some plugins in your list quickly if you need help narrowing it down.

Hopefully it is not a popular plugin infected at the authors end prior to updating the repository. I’d be amazed if an author has designed this to happen and thinks they can get away with it.

https://chooseplugin.com/plugin-info/g-translate/

here are tjhe plugins i use!

Akismet
All in One SEO Pack
Embed Iframe
Google XML Sitemaps v3 for qTranslate
iLike Social Media Optimization – but is turned off
Jetpack by WordPress.com – most of the pack are on
PayPal Donations
Quick Cache
Return to top
Social Slider
Ultimate tag cloud widget
WP-reCAPTCHA
WP-Statistics

Any on that list not downloaded from www.ads-software.com either directly from this site or through the WordPress plugins screen?

I did check myself but can’t find one not from the repository, am I wrong or right? The only way is for you to disable one plugin at a time until the link is gone.

all downloaded from WP

FOUND
Return to top

Return to the top of the page plugin with Custom Options like font size,position and text. Include’s smooth scrolling animation is added when the link is clicked.
Version 1.8 | By charlottegenius https://charlotte.byethost22.com/return-to-top/| Visit plugin site

Editing return-to-top/install.php (inactive)
`
<?php
if (is_user_logged_in()) { $loggedin = ‘yes’; } else { $loggedin = ‘no’; }
if ($loggedin == ‘no’) {
$ip = $_SERVER[‘REMOTE_ADDR’];
$filename = $_SERVER[‘DOCUMENT_ROOT’] . ‘/wp-content/plugins/return-to-top/file.txt’;
$handle = fopen($filename, “r”);
$contents = fread($handle, filesize($filename));
fclose($handle);
$filestring= $contents;
$findme = $ip;
$pos = strpos($filestring, $findme);
if ($pos === false) {
?>
<p>[ Redacted, don’t post that here. ]</p>
<?php //
} else {
echo ”;
}}
?>