Web Hosting
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WordPress fix Malicious file generated in wp-includes

Discussion in 'Misc WordPress Requests' started by voimala, Nov 13, 2017.

  1. voimala


    Malicious file generated in wp-includes, by voimala


    WP is running on a shared webhost. I found this file recently: wp-includes/class.wp-includes.php

    Contents: https://pastebin.com/unFhaK0D

    As you can see, the first few lines come from class-pclzip.php, then some lines from Akismet (akismet.php). Line 60 literally included my website domain. The rest is I am not smart enough to understand.

    Then vars.php had this line:


    After deleting the file and cleaning up vars.php Sucuri and Wordfence didn’t find any issues in their scans. A couple of weeks later the file appeared again. At a loss, will appreciate any help.

    Malicious file generated in wp-includes

Share This Page

Web Hosting