We found many WordPress websites redirecting to malicious URLs and spam domains. After a deep investigation it turned out to be caused by the vulnerable WordPress OneTone theme. The hack usually takes place in this file: ./wp-content/themes/onetone/includes/theme-functions.php Beside the above file infection, The Hacker also inject a “eval(atob” malicious javascript malware in WordPress database onetone… Continue reading OneTone WordPress Theme Vulnerability
Tag: hackeado
WordPress Rank Math SEO Plugin vulnerability used to inject malware Redirecting to other websites
Recently, We noticed so many infected websites redirecting to malicious URLs and spam domains. After a deep investigation it turned out to be caused by the vulnerable Rank Math SEO WordPress Plugin. The vulnerable version is 1.0.40.2 so make sure you get it updated to last released version that have this vulnerability patched. Here is… Continue reading WordPress Rank Math SEO Plugin vulnerability used to inject malware Redirecting to other websites
Delucks SEO plugin Vulnerability – JS injection Redirecting to other websites
Any versions below 2.1.7 is vulnerable to this security issue and websites using older versions are likely hacked. Hackers are exploiting it and injecting their malicious javascripts into files and database mainly in the dpc_basic_metadata rows under the wp_options table. The injected JavaScript code is loading the following remote JS files: https://adsnet[.]work/scripts/place.js https://media-sapiens[.]com/pu-placer.js to cause… Continue reading Delucks SEO plugin Vulnerability – JS injection Redirecting to other websites
Cómo limpiar un sitio web de WordPress hackeado en 10 sencillos pasos.
Crees que tu WordPress ha sido hackeado? Si cree que su sitio web de WordPress ha sido pirateado y confirmó este sentimiento o sospecha utilizando algún complemento de seguridad o escáneres de malware de sitios web, como nuestro escáner de malware gratuito ubicado en https://scan.attacker.net , es mejor pedirle a un profesional que limpie su… Continue reading Cómo limpiar un sitio web de WordPress hackeado en 10 sencillos pasos.