Backdoor script detected in WD root file

Hello, malawimama

thank you for showing interest in our plugin.
However, the results you have got using that plugin are not correct, our plugins are secure and there is just no way any of them can be marked as backdoors.

My suggestion is to find another (and better) malware scanner than just a plugin…

Regards,
WSD

Thanks WSD. I wouldn’t have posted a message here if I wasn’t worried. I never trust only 1 source, the original detection came from a website called Sucuri, that’s when I checked using a plugin and that’s where it was more specific in listing it as a backdoor script, so I’m not saying your script is actually a problem, for all I know, the files could have been corrupted somehow, I wouldn’t know since I’m not a hacker, but maybe it’s possible the files were hacked. Who knows. I just wanted to bring it to your attention.

Hello, Treebeard

Thank you for your feedback, but the original file cannot be marked as a backdoor because it isn’t one, and if files got somehow modified then that’s very unfortunate because it means the website got somehow hacked, so I suggest you change your passwords and reinstall wordpress from scratch (and you should check the database also).

Regards,
WSD

Strangely, following a hack of the servers hosting my website it seems most of the sites on there were then compromised including mine.

Access to my site appears to be via a vulnerability in (crazily) a security plugin!

I am now totally unable to access my own wordpress install and the error given when I try is

Fatal error: Cannot redeclare __hideFooterVersion() (previously declared in /home/colincoo/public_html/wp-content/plugins/secure-wordpress/res/inc/SwpaSecurity.php:41) in /home/colincoo/public_html/wp-content/plugins/wp-security-scan/res/inc/WsdSecurity.php on line 41

I am currently changing hosting company and then can re-upload a hopefully clean site.