Title: SQL Injection
Last modified: August 22, 2016

---

# SQL Injection

 *  Resolved [spook65](https://wordpress.org/support/users/spook65/)
 * (@spook65)
 * [11 years, 8 months ago](https://wordpress.org/support/topic/sql-injection-8/)
 * Hi. I found an hack in my SQL database that will return on the top left corner
   of my website (only Firefox and Explorer) some links related to online gambling
   websites.
 * I’ve found the corrupted line and deleted it, changed the password to my WP admin
   panel and the hack is gone.
 * But the day after the hack is back there. What should I do to fix it?
 * Thanks

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [screenbeetle](https://wordpress.org/support/users/screenbeetle/)
 * (@screenbeetle)
 * [11 years, 8 months ago](https://wordpress.org/support/topic/sql-injection-8/#post-5325787)
 * Here is a very good article to start with:
    [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
 * I’m not really sure from your explanation if you are talking about an sql injection
   attack or something else. Some simple things to check and do though are:
 * – Ensure your WP version is up to date
    – Ensure all plugins are up to date –
   Change your hosting FTP and Control panel passwords – Check the file permissions
   are correct (broadly 644 for files and 755 for directories – nothing should be
   777 apart from maybe uploads) – Contact your host to ask if there are any security
   issues on their side of things
 * Just a start
 *  Thread Starter [spook65](https://wordpress.org/support/users/spook65/)
 * (@spook65)
 * [11 years, 8 months ago](https://wordpress.org/support/topic/sql-injection-8/#post-5325842)
 * Hi. I found the problem. The hackers included an hidden file, not visible via
   FTP but only when downloaded on desktop PC, called social.png in each theme root
   directory. It looks like an image but it is a coded file. I’ve deleted that and
   uploaded a fresh version of my theme. I hope this will help for anyone will face
   the same problem in the future.
 * Ciao

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘SQL Injection’ is closed to new replies.

## Tags

 * [sql injection](https://wordpress.org/support/topic-tag/sql-injection/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 2 participants
 * Last reply from: [spook65](https://wordpress.org/support/users/spook65/)
 * Last activity: [11 years, 8 months ago](https://wordpress.org/support/topic/sql-injection-8/#post-5325842)
 * Status: resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics