The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End Hacked WordPress footer.php

  • This topic is empty.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #234736

    One of my clients is having an issue with malicious script being injected into the footer.

    Here is a full dump of footer.php file. The full Gist also contains beautified code, as well as PHP script that executes.

    I’ve searched around and found following:

    Anyone else had issues with this, I’ve searched all my plugins and theme files for any foreign code and can not find anything.

    Any help would be appreciated. Thanks.


    I found more results after googling some of the code :

    if ( function_exists('curl_init') ) { $url="";

    Seems to be troublesome and well hidden but it’s must be in a plugin somewhere. If you have shell access, you might be able to grep the script.

    Edit – above search term updated.

    Someone here was able to remove it :


Viewing 2 posts - 1 through 2 (of 2 total)
  • The forum ‘Back End’ is closed to new topics and replies.