Home Forums WoodMart support forum 2 websites are hacked!!

2 websites are hacked!!

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • June 4, 2023 at 9:34 pm #472496

    Madoo Webdesign
    Participant

    Hi,

    we build all websites with woodmart and now i read that woodmart core was not safe, i updated it everywhere and 2 websites the hacker keeps coming back and manage to hack the site again and again.

    can you solve this?

    June 5, 2023 at 9:00 am #472556

    Artem Temos
    Keymaster

    Hello,

    This bug has been already fixed in our theme. Make sure that you are running the latest version of the theme. Also, the WoodMart core plugin needs to be updated to the latest version 1.0.39 too. You can do this in WoodMart -> Plugins.

    Kind Regards

    June 5, 2023 at 10:27 am #472595

    Madoo Webdesign
    Participant

    Hello,

    In my first message: I have update all plugins and theme version to the latest.
    so woodmart core is allready 1.0.39.

    please help…

    June 5, 2023 at 11:17 am #472620

    Artem Temos
    Keymaster

    Hello,

    In this case, your website already doesn’t have a vulnerability from the theme. You need to find the code added to your website and delete it. Or you can try to restore a backup if you have one. Unfortunately, we don’t have an instruction for this.

    Kind Regards

    June 5, 2023 at 11:43 am #472636

    Madoo Webdesign
    Participant

    We use wordfence and now it’s clean.

    yesterday, below are the results. I have fixed below every time but a few days later, same problems.

    the similarity between the two websites is woodmart and loco translate,
    PDF Invoices & Packing Slips for WooCommerce, Site Kit by Google, Slider Revolution, WooCommerce, Woodmart Core, WP Rocket, WPBakery Page Builder, WPForms Lite, Yoast SEO.

    the theme was the last to have had a security issue and there was nothing wrong with this

    Critical Problems:
    * File appears to be malicious or unsafe: wp-content/cache/critical-css/admin.php
    * File appears to be malicious or unsafe: wp-content/themes/woodmart/js/scripts/admin/image.php
    * File appears to be malicious or unsafe: wp-content/themes/woodmart/JVL.js.php
    * File appears to be malicious or unsafe: wp-content/plugins/cardgate/assets/xmlrpc.php
    * File appears to be malicious or unsafe: wp-content/themes/748r1p6q/JVL.js.php
    High Severity Problems:
    * Unknown file in WordPress core: wp-includes/blocks/site-logo/ojinahwm.php
    * WordPress core file modified: wp-includes/class-wp-admin-bar.php
    * WordPress core file modified: wp-includes/class-wp-customize-control.php
    * WordPress core file modified: wp-includes/class-wp-theme.php
    * WordPress core file modified: wp-includes/nav-menu-template.php
    * WordPress core file modified: wp-includes/pomo/po.php
    * WordPress core file modified: wp-includes/sodium_compat/src/Core/Util.php

    Critical Problems:
    * File appears to be malicious or unsafe: wp-content/themes/1qpso1sn/admin.php
    * File appears to be malicious or unsafe: wp-content/plugins/loco-translate/pub/css/skins/ajax.php
    * File appears to be malicious or unsafe: wp-includes/rewrite.php
    * File appears to be malicious or unsafe: wp-content/plugins/wp-rocket/l.js.php
    * File appears to be malicious or unsafe: wp-content/themes/woodmart/inc/admin/options/css.php
    * File appears to be malicious or unsafe: wp-includes/rest-api/endpoints/class-wp-rest-settings-controller.php
    * File appears to be malicious or unsafe: wp-content/plugins/s40457q0/oTu.js.php
    * File appears to be malicious or unsafe: wp-includes/blocks/pullquote/wp-login.php
    * File appears to be malicious or unsafe: wp-content/uploads/wpo_wcpdf_e34f565aab1c1f614fd5b378146f8c2c/attachments/udxxxyfp.php
    * File appears to be malicious or unsafe: wp-content/themes/woodmart/l.js.php
    * File appears to be malicious or unsafe: wp-content/plugins/wp-rocket/oTu.js.php
    * File appears to be malicious or unsafe: wp-content/themes/woodmart/oTu.js.php
    * File appears to be malicious or unsafe: wp-content/themes/woodmart/css.php
    * File appears to be malicious or unsafe: wp-includes/theme.php
    * File appears to be malicious or unsafe: wp-includes/sodium_compat/src/Core/Util.php
    * File appears to be malicious or unsafe: wp-includes/class-simplepie.php
    * File appears to be malicious or unsafe: wp-content/plugins/s40457q0/l.js.php
    * File appears to be malicious or unsafe: wp-content/themes/1qpso1sn/l.js.php
    * File appears to be malicious or unsafe: wp-content/uploads/wpo_wcpdf_e34f565aab1c1f614fd5b378146f8c2c/fonts/yuysfggk.php
    * File appears to be malicious or unsafe: wp-content/themes/1qpso1sn/oTu.js.php
    * File appears to be malicious or unsafe: wp-includes/Requests/src/Proxy/admin.php
    * File appears to be malicious or unsafe: wp-includes/blocks/post-navigation-link/qvawppar.php

    June 5, 2023 at 3:13 pm #472701

    Artem Temos
    Keymaster

    If you are running the latest version of the theme and WoodMart core plugin then your website doesn’t have a security issue that allows hackers to break your website. The latest version is tested against this vulnerability and this information is confirmed by the company who discovered this.

    Kind Regards

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)