1.93.0 creating “rogue” php files

  • Resolved seamuscampbell

    (@seamuscampbell)


    1 year, 9 months ago

    The latest version, 1.93.0, is creating php files that seem to lock me out of my site (redirecting me to the homepage when I go to /wp-login.php). They will create files like “about.php,” “wp-corn.php,” and “admin.php” so they do not seem suspicious. The code in each file is encrypted and each time I try deleting the files, they will re-emerge. Additionally, if I was logged in, I would not be able to open any pages in /wp-admin/

    The files would always appear after I regenerated permalinks so the Rest API could work. I am not certain but I believe this may be a XSS attack.

    To solve the problem for now, I restored the site it was happening in to an earlier backup and used 1.92.0.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘1.93.0 creating “rogue” php files’ is closed to new replies.