We found many WordPress websites redirecting to malicious URLs and spam domains. After a deep investigation it turned out to be caused by the vulnerable WordPress OneTone theme. The hack usually takes place in this file: ./wp-content/themes/onetone/includes/theme-functions.php Beside the above file infection, The Hacker also inject a “eval(atob” malicious javascript malware in WordPress database onetone… Continue reading OneTone WordPress Theme Vulnerability
Tag: Rank Math SEO Plugin
WordPress Rank Math SEO Plugin vulnerability used to inject malware Redirecting to other websites
Recently, We noticed so many infected websites redirecting to malicious URLs and spam domains. After a deep investigation it turned out to be caused by the vulnerable Rank Math SEO WordPress Plugin. The vulnerable version is 1.0.40.2 so make sure you get it updated to last released version that have this vulnerability patched. Here is… Continue reading WordPress Rank Math SEO Plugin vulnerability used to inject malware Redirecting to other websites