injected_script.js in pages and posts

  • bobbydurrettdba

    (@bobbydurrettdba)


    8 years, 7 months ago

    I found that a number of pages and posts on my site had a bunch of references to a file called injected_script.js in them. I’m not sure if this is an issue or not.

    Here is an image of the script code that is in the posts:

    Image version of problem text

    There were a bunch of lines like this at the end of a number of pages and posts. It looks like this goes back to 2013 so it has been there a while.

    I have not seen any evidence that the web site is hacked and it comes back clean on a few scanners that I have used. Is this some normal function of WordPress?

    Thanks,
    Bobby

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    8 years, 7 months ago

    First, use your browser in safe mode, incongito mode, whatever mode enables it to open with no add-ons or extensions. That *may* be something injected by a browser extension. I certainly don’t see it when I look at a random sampling of pages on your site.

    If not….

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Thread Starter bobbydurrettdba

    (@bobbydurrettdba)

    8 years, 7 months ago

    Thanks. I manually removed it from all of my pages and posts. I started working on the FAQ you recommended also. It’s good to know that you think it is helpful.

    Bobby

    Thread Starter bobbydurrettdba

    (@bobbydurrettdba)

    8 years, 7 months ago

    It looks like the last post that was affected was from 2015-01-19. I wonder if I had something on by browser at that time that caused it. Odd. I also found a number of files that my internet provider flagged as bad. I compared them to the latest WordPress download and deleted them.

    Anyway, I’m going to review the FAQ further and decide if I need to take steps to prevent future attacks. At this point the site seems to be ok.

    Bobby

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘injected_script.js in pages and posts’ is closed to new replies.