Hi KF
Thanks for sending your question. It sounds like your site has been hacked. You can find the WordPress recovery guide here. If your hosts are willing to help they can check logs, if available, to see when your functions file was last edited. If you have a recovery point, a backup, that’s older than the editing date, that would be the easiest and fastest way to recover.
If you’d like to compare your functions.php file to the Vantage functions.php file you can downloads yours using your Hosting File Manager application. It’s located at /wp-content/themes/vantage/. The original can be found here.
Dear Andrew — Thank you for your reply, which is very helpful. My site has indeed been hacked — I have discovered various spurious posts. Can you tell me, please, if the functions.php is used to store any user settings? If I overwrite the corrupted one it with the original, will I lose anything? Thanks again. Best, Keith
Thanks for the update; I’m sorry to hear about the hassle. I was involved in a hack recovery recently so I can appreciate the mission! No worries about the settings, those are stored in your database. You’re welcome to download the Vantage ZIP from https://ww.wp.xz.cn/themes/vantage/. Once on your desktop you can go to Appearance > Themes > Add New > Upload Theme, overwriting the existing copy when prompted. Your theme isn’t the only item that needs cleaning. Hypothetically, if your hosts could say when the hack occurred, perhaps looking at the date changes were made and if they had a recovery point from before that date and if you weren’t worried about losing content between then and now, a restore would a big time saver and offer some peace of mind.
Thanks very much for the advice, Andrew. I was surprised to find that I’d gone into the pharmaceutical business — and in French too! I’ve run various scans, but nothing else was flagged as unsafe, so I’m hopeful that I’m OK now.
Super; glad to hear your site is back to the correct language and content! Thanks for the feedback. Cheers for now.
Andrew
