Checking out a new site that we're helping to clean up and noticed the lovely bit of code below buried in there.  Two possible causes:

1: WordPress was outdated.  Seriously, always keep it updated.  It was only a few updates behind, but that's often enough to let the bad guys in.

2: It's hosted on GoDaddy.  I've seen a number of sites get hacked that were otherwise secure, simply because there was some hole in GoDaddy's security.

Not sure which of those led to this, but we'll be patching up both of those issues once we get things cleaned out...
 
+Robert Nilsson Agreed, that seems likely.  The question is "how"?  I'm assuming the outdated WP is to blame, though GoDaddy is certainly possible.  Plus, I haven't been into the admin panel yet but I suspect there are some plug-ins that haven't been updated in forever, which could also be the culprit.
 
Remember, injections do not have to be passed via forms but can also be passed via GET.
 
I've had a corporate client several years back get their site hacked via SQL injection.  They were also using outdated WP.  They posted the same kind of stuff.  Turned out to be some Turkish group who were doing it for fun.  WP sites were the target.
 
Hate that kind of thing... got sacked myself two times.