I am getting tired of its interference, and of this image optimizer spam littered all over my WP dashboard.

Can someone with experience guide me on where to check for the code to remove it?

The AD is totally taking over the site.

I dont know how long this has been there because i rarely attennd to the site, but I got to know about it because it seems the latest Google update favours the website because I’m seeing many visitors due to the connected chat system notifications constantly buzzing.

I remember there was someone sometime ago who paid me to place AD codes for a 1-month testrun. He didn’t renew it, and I can’t remember if I removed it or not. But I was the one that did it myself with the code. I didnt give them access.

Any help on where to check? I cant even remember where I placed the code (if its the thing)

Could there be any vulnerability?

Thanks.

It now auto installs a huge widget in the admin dashboard. In the back it covers the entire interface with huge ads. Almost all of the functionality is now pro and is front row and center, with an interface so covered in pro functions it’s impossible use the free plugin.

Frankly this kind of simple functionality should not require a pro plugin at all.

A sad example of the slow degradation of the wonderful WordPress developer community into adware and bloatware.

Should mark WP Login Lockdown two stars really, but will leave it at three stars as it could be useful if way trimmed back again.

After manual cleanup in pages and posts, i found the following code in MySQL : SELECT * FROM DBNAME.aob_posts WHERE (CONVERT(ID USING utf8) LIKE ‘%_0x30 – Pastebin.com

How can i clean the SQL ?

Basically a js file is being redirected to adware code. Eg file mydomain.com/wp-content/plugins/example/somefile.js is being redirected to adwaredomain.com/mydomain.com/wp-content/plugins/example/somefile.js

Here are the things Ive tried – Deleteting and reinstalling fresh plugins, themes, wp-content,wp-admin, wp-includes folders. Also replaced all other wp files with fresh ones from latest. Ive installed various antimalware scanners and wordfence. I also have cloudflare WAF.

Ive also check. But there seems to be no suspicious logins on the webserver or SSH. Ive tried to use a new database prefix and fresh install. But the redirect still remains. I cannot remove it. Anyone have any idea what could be comprimised? Im bit new so Ive tried all I know.

This plugin seems to be completely made for advertising hosting services only. Promotes that the offered hosting service has everything: “As a SiteGround Optimizer user you can get all of that and more at a special price with 69% discount and FREE MIGRATION!”.

I downloaded this to try Dynamic Caching, but it is not available, instead it gives a popup window advertising, “AVAILABLE ON SITEGROUND ENVIRONMENT Dynamic Caching is not supported in your current hosting environment.” Claims that the current hosting does not support dynamic caching. False advertising, false information. Many other plugins do have working dynamic caching, in my current hosting environment.

You can add my voice to the growing chorus of people sick of Redux/Extendify getting installed surreptitiously as an unwelcome “framework” for adware.