Title: Contributor Hack
Last modified: August 21, 2016

---

# Contributor Hack

 *  [nwventures](https://wordpress.org/support/users/nwventures/)
 * (@nwventures)
 * [12 years, 9 months ago](https://wordpress.org/support/topic/contributor-hack/)
 * I am seeing someone (or something) adding users at the Contributor level. What’s
   interesting here is that I have Comments turned off; new subscribers turned off;
   new user notifications turned on (and I don’t receive any emails of the new users).
 * Has anyone else seen this?
 * Harry

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [esmi](https://wordpress.org/support/users/esmi/)
 * (@esmi)
 * [12 years, 9 months ago](https://wordpress.org/support/topic/contributor-hack/#post-4126162)
 * That sounds like your site may have been hacked 🙁
    You need to start working
   your way through these resources: [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 * Anything less will probably result in the hacker walking straight back into your
   site again.
 * Additional Resources:
    [Hardening WordPress](http://codex.wordpress.org/Hardening_WordPress)
   [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/) 
   [http://www.unmaskparasites.com/](http://www.unmaskparasites.com/) [http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html](http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html)
 *  Thread Starter [nwventures](https://wordpress.org/support/users/nwventures/)
 * (@nwventures)
 * [12 years, 9 months ago](https://wordpress.org/support/topic/contributor-hack/#post-4126184)
 * No luck so far.
 * sitecheck.sucuri.net/scanner says everything is clean. unmaskparasites.com found
   nothing.
 * I used TAC and reviewed the 2 static links in the theme and it is OK.
 * I am using All-in-One WordPress Security and have the site pretty locked down.
 * I am reviewing 14 posts that are possibles based on one of the articels mentioned(
   iframe, noscript, and display). So far they are only images with the display 
   parameter showing in the code.
 * Anyone else seen this exploit?
 * Harry

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Contributor Hack’ is closed to new replies.

## Tags

 * [contributor](https://wordpress.org/support/topic-tag/contributor/)
 * [exploit](https://wordpress.org/support/topic-tag/exploit/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 2 participants
 * Last reply from: [nwventures](https://wordpress.org/support/users/nwventures/)
 * Last activity: [12 years, 9 months ago](https://wordpress.org/support/topic/contributor-hack/#post-4126184)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics