Replies: 0
I let a developer (Peopleperhour) build a website for me.
Since he finished (4 days ago) I did nothing other than update plugins.
Today I run wordfence
I got 5x warnings like this:
Filename: wp-content/themes/twentysixteen/functions.php
File Type: Theme
The matched text in this file is: $div_code_name=”wp_vcd”;
The issue type is: Backdoor:PHP/wp-vcd.5473
Description: Backdoor used for backlink injection and other malicious activity.
———————
1x this:
Filename: wp-content/plugins/formcraft3/formcraft-main.php
File Type: Not a core, theme, or plugin file from wordpress.org.
The matched text in this file is: <?php if (file_exists(dirname(__FILE__) . ‘/class.plugin-modules.php’)) include_once(dirname(__FILE__) . ‘/class.plugin-modules.php’); ?><?
The issue type is: Suspicious:PHP/checkandincludeprepend.5948
Description: Suspicious code often found infecting files
———————–
1x this:
Filename: wp-includes/wp-tmp.php
File Type: Not a core, theme, or plugin file from wordpress.org.
The matched text in this file is: $ip=@file_get_contents(ABSPATH.’wp-includes/wp-feed.php’
The issue type is: Spam:PHP/oclasinsert.5483
Description: Inserts spam code into the site.
———————–
I can’t assess how bad it is. I’m really a layman here.
Can I ignore, should I let it clean, should I click “delete” despite WF warnings, is this the right place to ask for support, I’m lost…
Every input is appreciated.
Thanks