is this body tag a hack of some kind?

– Use this plugin to check for exploits and malware: https://www.ads-software.com/extend/plugins/quttera-web-malware-scanner/

– alternately, use online Scuri scanner: https://sitecheck.sucuri.net/scanner/

I agree that a scan is in order. However, both of the suggested free scans are port 80 (HTTP) scans. I have found that server side scans are more likely to find malware than a HTTP scan.

There are a number of free server side scanning plugins available. I suggest Wordfence and WP Antivirus Site Protection (by SiteGuarding.com) Also the paid version of Scuri uses server side scanning.

If you use Wordfence, I suggest you go to Dashboard > Wordfence > Options > Scans to include and check all the boxes in this section before you run a scan. This will give you the most scanning options.

Per you other thread (duplicates are closed per the forum guidelines, BTW), if your site is hacked you need to go through the above and also see these:

https://codex.www.ads-software.com/FAQ_My_site_was_hacked
https://www.ads-software.com/support/topic/268083#post-1065779
https://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
https://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:
https://sitecheck.sucuri.net/scanner/
https://www.unmaskparasites.com/
https://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

WPyogi, respectfully, I don’t think my recent post this morning is a duplicate. I appreciate your list of the things I need to do to try to completely clean my site. However, I think if I can get this one body tag replaced with the correct snippet (one which includes the class), I can get this one page to display correctly. I have found what to replace using view source page, but now I need to know how to get to that body tag and change it. It is dynamically generated, I know, but I don’t know where to find it.

For this immediate problem, I just need to know how to edit this html and where to find it. Once I get this taken care of, I will take on the bigger task of trying to clean out the site. But right now, I just need the menu editor to work.

Thanks,
Amelia

think if I can get this one body tag replaced with the correct snippet (one which includes the class)

If your site is hacked, there’s no sense in trying to “fix” anything else first.

That said, what theme is this?

It’s a theme called “Resurrection.” I have it also on a test site at another hosting provider (hostgator), and it is working perfectly there. There is no body tag without a class on that page, when I view the source on the test site. So I know it’s something that’s happening on this particular hosting platform, but I don’t have the luxury of changing. Also, the owner is working on trying to figure it out, but so far we have not been able to completely clear it out.

But I’m not even 100% sure it is a hack. I think it probably is, but there’s only one problem with the site that I can see — it’s that the menu editor doesn’t work (right arrows on the individual menu items have disappeared). This is a situation where I really need to get this menu thing fixed now, and then we can continue trying to figure out this hack or whatever is causing the problem. I need to find where that particular tag is being dynamically generated, and change it.

Thanks.