emc2

I have the same problem, so far only showed up in 2 of 10+ websites I run.

Thanks so much for your in-depth response.

I keep all my plugins and themes bleeding-edge, run VPS over https, have secure passwords, etc. so I believe it was a vulnerability in WordPress that may have been addressed in the latest update. I say this bc the first thing I did was reinstall WP from the dashboard and rescan, which fixed the problem. Of course, the raw data would be something you could extract more info out of than I could, and there is the distinct possibility that I am incorrect.

About posting here: I had also submitted a ticket at the address above (because I have a premium license for this domain) but got it all ironed out before they were able to respond. I was just reaching out in any direction hoping to get an answer — that’s why the double post.

Thanks again for taking the time to let me know all this stuff, especially that I can send samples of infections in the future. I appreciate your time.

Thanks, that was it! ??

I was able to restore from backup, and am trying to get a scan to complete to see if it’s gone, hopefully that will resolve the issue. The question is, will it happen again and why??

This is a base64_decode/backdoor problem, but I had WF Premium set up & configured properly… wtf? Not getting any response at WF Support.

Logging into WordPress.com makes the error go away in the console, but that’s not a full-fledged “fix”. Waiting to see what Jetpack does. ??

Supporting a developer that takes the time to write you a respectful and thorough response like this one seems like it would be a great investment.

Since it’s been asked… I’ve changed everything and nothing’s showing up. I think it’s because I’m using WooCommerce One Page Checkout. ??

I just had this same problem with a manual install of WP on my server, and ended up discovering two things that I didn’t find elsewhere:

1. When specifying Username/Password in wp-config.php, you *must* enter the combo you set up for the user you added to the database you created in your control panel. It will not work if you use the Master User’s username/password.
2. When specifying Host you must check to see where your web host has their MySQL installation. If they are running multiple MySQL versions (as mine was), you *must* enter the correct host location. For example, my host was running MySQL 4 databases under “localhost” and MySQL 5 databases under “localhost:/tmp/mysql5.sock”.