GoFuckYourself.com - Adult Webmaster Forum - View Single Post

ApolloCash · 09-10-2014, 05:00 AM

hey

i apologize if this is not the right place where to start this thread, anyway:

We run plenty of blogs, recently some of them have been injected with a javascript redirect script. The place of injection: DB table wp_posts -> post_content
The JS code is added at the end of the post.

The script redirects to a webcam site by cashnude.

I have googled a lot, could find only how to remove the injected script, but the injection was back next day of course.

I could not find any information on how they inject the javascript redirect.

I suspect WP plugin, WP theme or WP core vulnerability, however only newly created blogs like 1 year old seem to be injected, WP core version 3.7.1 + older WP core versions
seem to be intact.
Blogs with various WP plugins and WP themes have been injected.

Does anybody have an experience with this JS redirect by cashnude?

Any response will be appreciated.

Thanks!

09-10-2014, 05:00 AM
ApolloCash Confirmed User Industry Role: Join Date: Apr 2007 Posts: 483	Wordpress malware hey i apologize if this is not the right place where to start this thread, anyway: We run plenty of blogs, recently some of them have been injected with a javascript redirect script. The place of injection: DB table wp_posts -> post_content The JS code is added at the end of the post. The script redirects to a webcam site by cashnude. I have googled a lot, could find only how to remove the injected script, but the injection was back next day of course. I could not find any information on how they inject the javascript redirect. I suspect WP plugin, WP theme or WP core vulnerability, however only newly created blogs like 1 year old seem to be injected, WP core version 3.7.1 + older WP core versions seem to be intact. Blogs with various WP plugins and WP themes have been injected. Does anybody have an experience with this JS redirect by cashnude? Any response will be appreciated. Thanks! __________________ Peter info[} apollocash[} com icq: 176-73--77-01 Last edited by ApolloCash; 09-10-2014 at 05:01 AM..