Title: wordpress Known exploit = [Fingerprint Match] [PHP WordPress Exploit [P1412]] Last modified: March 22, 2018 --- # wordpress Known exploit = [Fingerprint Match] [PHP WordPress Exploit [P1412]] * [arioman](https://wordpress.org/support/users/arioman/) * (@arioman) * [8 years, 2 months ago](https://wordpress.org/support/topic/wordpress-known-exploit-fingerprint-match-php-wordpress-exploit-p1412/) * hello everyone * i`m amateur web designer and use WordPress for most of websites . * Yesterday i see my site load Blank and when i ask my Host about that they say the file function.php in my theme directory removed from server automatically cause found some virus on it ! * here some details that send for me : * **Explore Quarantine Files for User **** Quarantine date: Wed Mar 21 18:41:22 2018 Quarantine file: /quarantine/cxsuser/****/functions.php.1521645082_1 Quarantine file size: 9850 bytes Original file: /home/****/public_html/wp-content/themes/ angle/functions.php Original file atime: Wed Mar 21 18:38:58 2018 Original file ctime: Wed Mar 21 18:38:57 2018 Original file mtime: Wed Mar 21 18:38:57 2018 File owner: **** File group: **** Scan Type: cxs Watch Scan md5sum: 52b13e63b028b36f43c1256f2bde18c0 Reason: Known exploit = [Fingerprint Match] [PHP WordPress Exploit [P1412]]** * i cant undrestand why this file detect exploit , cause i scan this in localhost my backup is clear with so many antivirus plugins and virustotal * also i try to upload function.php from my backup and zip archive and even source of theme , all of theme delete immediately from server too * what this line means : Reason: Known exploit = [Fingerprint Match] [PHP WordPress Exploit [P1412]] * whats P1412 ?? and how can i found out which code or line of my function.php have problem ? * host support not help me and say i must solve it by myself 🙁 Viewing 1 replies (of 1 total) * Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * (@sterndata) * Volunteer Forum Moderator * [8 years, 2 months ago](https://wordpress.org/support/topic/wordpress-known-exploit-fingerprint-match-php-wordpress-exploit-p1412/#post-10103728) * Download a new copy of your theme (form wherever it originally came from), unzip locally, and then upload that functions.php to your site. If that passes your host’s test, then assume you (1) were hacked and (2) that file was the tip of the iceberg. Get a fresh cup of coffee, take a deep breath and carefully follow [this guide](https://codex.wordpress.org/FAQ_My_site_was_hacked). When you’re done, you may want to implement some (if not all) of [the recommended security measures](https://codex.wordpress.org/Hardening_WordPress). * If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple. Viewing 1 replies (of 1 total) The topic ‘wordpress Known exploit = [Fingerprint Match] [PHP WordPress Exploit [ P1412]]’ is closed to new replies. ## Tags * [exploit](https://wordpress.org/support/topic-tag/exploit/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 1 reply * 2 participants * Last reply from: [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * Last activity: [8 years, 2 months ago](https://wordpress.org/support/topic/wordpress-known-exploit-fingerprint-match-php-wordpress-exploit-p1412/#post-10103728) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics