majalla

Try to re-fetch the article here
https://developers.facebook.com/tools/debug/og/object/

Further Note to the Issue:

1. This only Happned after I upgraded the plugin to 4.0.

2. The Error takes place when I try to edit “Authors” profiles only at the moment.

3. The error that comes when I acess the ‘edit’ feature for the ‘Authors’ is as follows:

Fatal error: Cannot access private property Ure_Lib::$user_to_check in /wp-content/plugins/user-role-editor/includes/class-user-role-editor.php on line 141

5. Solution: Revert back to a Old Plugin if you have them saved before you upgraded …

6. Hope the Author of the Plugin can find us a fix to the issue …

Hi Eli,

Yes, you are right. Your Malware Tool is great, but unfortunately it did not have the definitions I guess and did not much of a good. But some of our great friends from WP Camp, helped me point to the right direction. Dave from LA Marketing was able to identify the culprit on the “Social Media Widget” plugin. Simply updating the plugin was able to resolve the issue.

Yes, I downloaded the full site yesterday to review the files before updating the plugin. I got the file … “social-widget.php” … seems it was trying to connect to a URL and fetching a file named “c.php” and imploding it …

=== The Script is as below ===

[Code moderated. Please do not post hack code blocks in the forums. Please use the pastebin]

Hope this helps …

For more help pls. feel free to contact Dave who was the original genius who helped identify this from LA Marketing …

Thanks and Regards,

Fawaz

Hi,

I have just installed your scanner in one of my test sites, (www.majalla.eu), and it did scann, but it did not find the “MW:SPAM:SEO” code. I still have them on the site, and I have checked almost all the files but canot find the location of these codes…

Below is the Securi scanners results …

===
url: https://sitecheck.sucuri.net/results/majalla.eu

web site: majalla.eu
status: Site infected with malware
web trust: Not Blacklisted
*Cached results from the last 24 hrs.

Malware found in the URL: https://www.majalla.eu/
Known javascript malware.
Details: https://sucuri.net/malware/entry/MW:SPAM:SEO
t=”;}}x[l-a]=z;}document.write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}</’+x[0]+’>’);}dnnViewState();

Malware found in the URL: https://www.majalla.eu/404testpage4525d2fdc
Known javascript malware.
Details: https://sucuri.net/malware/entry/MW:SPAM:SEO
t=”;}}x[l-a]=z;}document.write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}</’+x[0]+’>’);}dnnViewState();

Malware found in the URL: https://www.majalla.eu/404javascript.js
Known javascript malware.
Details: https://sucuri.net/malware/entry/MW:SPAM:SEO
t=”;}}x[l-a]=z;}document.write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}</’+x[0]+’>’);}dnnViewState();

Malware found in the URL: https://www.majalla.eu/about-us
Known javascript malware.
Details: https://sucuri.net/malware/entry/MW:SPAM:SEO
t=”;}}x[l-a]=z;}document.write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}</’+x[0]+’>’);}dnnViewState();

Malware found in the URL: https://www.majalla.eu/writers
Known javascript malware.
Details: https://sucuri.net/malware/entry/MW:SPAM:SEO
t=”;}}x[l-a]=z;}document.write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}</’+x[0]+’>’);}dnnViewState();

Malware found in the URL: https://www.majalla.eu/submissions
Known javascript malware.
Details: https://sucuri.net/malware/entry/MW:SPAM:SEO
t=”;}}x[l-a]=z;}document.write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}</’+x[0]+’>’);}dnnViewState();

Malware found in the URL: https://www.majalla.eu/category/turkey-news
Known javascript malware.
Details: https://sucuri.net/malware/entry/MW:SPAM:SEO
t=”;}}x[l-a]=z;}document.write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}</’+x[0]+’>’);}dnnViewState();

===

Based on the Securi Results when I check the ViewSource for the home page for example, and on the ViewSource I search for the abouve code snipets, I can easily find that on the Source, but canot find it on any files…

===

[Code moderated. Please do not post hack code blocks in the forums. Please use the pastebin]

===

Can you kindly get the abouve located and cleaned ASAP …

Thanking you,

Best regards,

Fawaz

Just an Update … Received the following from the Twitter Developers …

—
@episod [email protected]

Mar 12 (7 days ago)

The “robot page” (Twitter’s HTTP 500 error page) happens when something exceptional happens when requesting the API. Your widgets all call the API and while normally everything should function fine, occasionally thing go a little amiss. When I view your site here from the Twitter HQ, I don’t see any issues with your widgets.

—
Discussion URL: https://dev.twitter.com/discussions/6445#comment-13241

Hi Joe,

It seems the problem was either related to the new Twitter Roll-out, and it seems the Twitter was crashing. Or my Server has increased the Server side Security through the firewall, and for some other reason the Twitter API’s were not going through the firewall as supposed to. It just disappeared as it case on the same day after a few hours.

If it is the same, I would strongly suggest try it on a different host if possible or try to check if the firewall/security mechanisms on your hosting provider is not doing this …

Let me know …

Regards,

Fawaz
[14 line sig moderated as per the Forum Rules]

[Note: Its is also adding the Twitter Sky/Cloud on to the background of the “Home Screen” on the WordPress Admin section, and only on the “Home Screen” Tab]