Web Hosting
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WordPress fix Malicious file generated in wp-includes

Discussion in 'Misc WordPress Requests' started by voimala, Nov 13, 2017.

  1. voimala

    Guest

    Malicious file generated in wp-includes, by voimala

    Hello,

    WP is running on a shared webhost. I found this file recently: wp-includes/class.wp-includes.php

    Contents: https://pastebin.com/unFhaK0D

    As you can see, the first few lines come from class-pclzip.php, then some lines from Akismet (akismet.php). Line 60 literally included my website domain. The rest is I am not smart enough to understand.

    Then vars.php had this line:

    @require_once('class.wp-includes.php');

    After deleting the file and cleaning up vars.php Sucuri and Wordfence didn’t find any issues in their scans. A couple of weeks later the file appeared again. At a loss, will appreciate any help.

    Malicious file generated in wp-includes
     
    #1

Share This Page

Web Hosting