-
AuthorPosts
-
December 22, 2016 at 4:11 pm #727569
HELP! I’m getting emails from Wordfence that say the following… What do I do and should I be concerned???
1.
This email was sent from your website “Strength In Numbers” by the Wordfence plugin.Wordfence found the following new issues on “Strength In Numbers”.
Alert generated at Wednesday 21st of December 2016 at 01:44:15 AM
Critical Problems:
* File appears to be malicious: wp-content/wp-zelf.php
2.
This email was sent from your website “Strength In Numbers” by the Wordfence plugin.Wordfence found the following new issues on “Strength In Numbers”.
Alert generated at Thursday 22nd of December 2016 at 01:27:18 AM
Critical Problems:
* WordPress core file modified: wp-includes/theme.php
* File appears to be malicious: wp-admin/includes/page.php
* File appears to be malicious: wp-admin/js/template.php
* File appears to be malicious: wp-content/plugins/gravityforms/print-entry.php
* File appears to be malicious: wp-content/plugins/jetpack/class.jetpack.php
* File appears to be malicious: wp-content/plugins/wordfence/lib/menu_sitePerf.php
* File appears to be malicious: wp-content/uploads/2014/global.php
* File appears to be malicious: wp-content/uploads/delightful-downloads/2015/05/index.php
* File appears to be malicious: wp-includes/SimplePie/Content/sql.php
* File appears to be malicious: wp-includes/SimplePie/XML/diff47.php
* File appears to be malicious: wp-includes/images/wlw/template98.php
* File appears to be malicious: wp-includes/random_compat/test.php
* File appears to be malicious: wp-includes/theme.php
Warnings:
* Unknown file in WordPress core: wp-admin/includes/page.php
* Unknown file in WordPress core: wp-admin/js/template.php
* Unknown file in WordPress core: wp-includes/SimplePie/Content/sql.php
* Unknown file in WordPress core: wp-includes/SimplePie/XML/diff47.php
* Unknown file in WordPress core: wp-includes/images/wlw/template98.php
* Unknown file in WordPress core: wp-includes/random_compat/test.php
December 23, 2016 at 12:31 am #727728I know somebody today whose site has been hacked (not a kriesi theme) and if you visit it on a fresh ip it redirects to an amazon gift voucher offer or similar, they also have this file and are in the process of trying to figure out if it’s the problem. It looks like it is.
Edit – Sorry, I was just talking about the wp-zelf.php, I’m not sure about the others.
- This reply was modified 8 years ago by alibear11.
December 23, 2016 at 7:18 am #727837 -
AuthorPosts
- You must be logged in to reply to this topic.