Title: Offending code in source
Last modified: August 24, 2016

---

# Offending code in source

 *  [smoothiefresh](https://wordpress.org/support/users/smoothiefresh/)
 * (@smoothiefresh)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/offending-code-in-source/)
 * Hi everyone,
 * After many, many months, I’ve finally finished building my website (www.smoothiefresh.
   co.uk). Bear in mind that I have zero programming or developer knowledge whatsoever.
 * I took Maintenance mode off and opened the site on another computer that wasn’t
   autologged in to my WP. I noticed a problem: there is a rogue hyperlink to some
   crappy viagra news rubbish, which incidentally doesn’t actually lead anywhere.
 * I’ve searched high and low throughout my theme files, header files, sidebar files….
   everywhere! But I can’t find the damned link anywhere.
 * So I opened the source code from my web browser and lo and behold I found the
   offending code:
 *  `<a href="http://... moderated.... /viagra-patent-expiration-date-in-arab-emirates/"
   >viagra patent expiration date in arab emirates</a>`
 * The whole section of the code is:
 *     ```
       color: #ED1D23;
       margin-top: 10px;
       }</style><noscript><style> .wpb_animate_when_almost_visible { opacity: 1; }</style></noscript></head>
       <body class="home page page-id-191 page-template-default wpb-js-composer js-comp-ver-4.5.1 vc_responsive">
   
       <div id="style-main">
       <nav class="style-nav">
           <div class="style-nav-inner">
   
       <ul class="style-hmenu menu-2">
       	<li class="menu-item-193 active"><a href="http://smoothiefresh.co.uk/">Home</a>
   
       	<li class="menu-item-262"><a href="#">What We Offer</a>
   
       <ul>
       		<li class="menu-item-80"><a href="http://smoothiefresh.co.uk/package-deals/">Package Deals</a>
   
       		<li class="menu-item-554"><a href="http://smoothiefresh.co.uk/smoothies/">Smoothies</a>
   
       		.........  moderated
       ```
   
 * ______
 * Now…. It is a custom header, which is within a custom-built theme (someone made
   if for me, but now I can’t get hold of them).
 * Any ideas at all as to where I can find this rogue hyperlink code in the PHP 
   files of my WP, so that I can delete it once and for all?
 * Any help would be very greatly appreciated.

Viewing 6 replies - 1 through 6 (of 6 total)

 *  [Creatrix](https://wordpress.org/support/users/chrisl_57/)
 * (@chrisl_57)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/offending-code-in-source/#post-6120683)
 * Although you’ve found it in the browser the code is most likely being injected
   into your page so you won’t see it in the header.php file.
 * Unfortunately there isn’t a quick solution to this, but my advice would be to
   have a read through [this page](https://codex.wordpress.org/FAQ_My_site_was_hacked)
   and try some of the solutions offered.
 * Where did the theme come from? Also have you just used plugins from WordPress.
   org?
 *  [Mark Ratledge](https://wordpress.org/support/users/songdogtech/)
 * (@songdogtech)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/offending-code-in-source/#post-6120684)
 * > It is a custom header, which is within a custom-built theme (someone made if
   > for me, but now I can’t get hold of them…
 * You could have been hacked, but the spam link is in your menu, so check your 
   menus first. The link could have simply been put in by the theme author.
 * But also see [FAQ – My Site Was Hacked](https://codex.wordpress.org/FAQ_My_site_was_hacked).
 *  Thread Starter [smoothiefresh](https://wordpress.org/support/users/smoothiefresh/)
 * (@smoothiefresh)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/offending-code-in-source/#post-6120707)
 * Thanks, guys. I’ve checked the site and there’s no malware there at all – it’s
   come up clean on a number of different checks.
 * My suspicion is that it’s been someone written in to the affected plugin code(
   plugin in question is myStickyMenu). I’ve sent a message to the plugin author
   for his assistance, as I’m unable to figure out how to edit the plugin itself(
   i.e. to indeed customise my sticky menus).
 * Fingers crossed.
 *  [Mark Ratledge](https://wordpress.org/support/users/songdogtech/)
 * (@songdogtech)
 * [11 years, 1 month ago](https://wordpress.org/support/topic/offending-code-in-source/#post-6120709)
 * I doubt it’s that plugin; the source code for the plugin is clean. Switch to 
   the twentyfifteen theme for a minute, with the same menus, and see if the link
   is there.
 *  Thread Starter [smoothiefresh](https://wordpress.org/support/users/smoothiefresh/)
 * (@smoothiefresh)
 * [11 years ago](https://wordpress.org/support/topic/offending-code-in-source/#post-6120817)
 * Did as you suggested songdogtech and you’re right, it’s not the plugin. I thought
   it was because that’s where the the dodgy link appears. Incidentally, the link
   has now changed to some rubbish “shemale” crap, so there’s definitely something
   wrong with the theme, I think. I’m having a look at it now (it’s a custom theme),
   but as I’m not tech-minded, I’ll muddle through until I find it.
 *  Thread Starter [smoothiefresh](https://wordpress.org/support/users/smoothiefresh/)
 * (@smoothiefresh)
 * [11 years ago](https://wordpress.org/support/topic/offending-code-in-source/#post-6120819)
 * I found it! It was a super-long pharmahack thread right at the top of my site’s
   functions.php file. I’ve removed it and all seems fine. I’m also installing WordFence
   as we speak to search for any suspicious system admin logon attempts. See what
   that throws up.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Offending code in source’ is closed to new replies.

## Tags

 * [php](https://wordpress.org/support/topic-tag/php/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 6 replies
 * 3 participants
 * Last reply from: [smoothiefresh](https://wordpress.org/support/users/smoothiefresh/)
 * Last activity: [11 years ago](https://wordpress.org/support/topic/offending-code-in-source/#post-6120819)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics