WordPress instances hacked

  • Hello all,

    in the last few days we have noticed that pages of ours have been hacked again and again. It is noticeable that many hacks are identical.

    Among other things, the following happens:

    – A plugin named “TOPXOH” is always created, which contains malicious code
    – Malicious code is infiltrated into various PHP files (encoded PHP code)
    – The hacker has left his name HackedByAbdallaHOH

    The websites are located at different hosters and have different usernames and passwords, so it can be ruled out that an account has been hacked. I suspect that a plugin has a security vulnerability.

    We use the following plugins on all sites:
    – Advanced Custom Fields (Pro)
    – Duplicator
    – Classic Editor
    – Yoast SEO

    Has anything similar happened to you guys lately? Do you know anything about a security vulnerability with a plugin?

    Thanks a lot! ??

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘WordPress instances hacked’ is closed to new replies.