Hi @mytourvn,
I’m sorry you had this experience, and we’re here to help you clean up your site if you need any assistance.
I can assure you that WPCode is not infected and in all similar cases we encountered before the issue was caused by someone gaining unauthorized access to a website and using WPCode to add malware.
Since the attack takes place before WPCode is installed on the website, there’s no way for us to prevent this type of abuse.
If you haven’t already, I recommend that you immediately update all passwords for all administrator users on the website and review the list of users to remove any users that you do not recognize. This is essential to prevent the attack from happening again.
I hope you can reconsider your review, as we are also getting hurt here simply because the plugin is available to install for free once the attackers access a website.
