captainhypertext
Forum Replies Created
Forum: Plugins
In reply to: [Theme My Login] Recaptcha on Login Page
Definitely +1 to this. Just got an email that my account was locked due to 20 failed password attempts. Brute force attacks are a daily thing.
I did get prompted to update to version 2.0.3 today, but it didn’t fix my problem.
@goodyis Your solution worked for me, thanks! I replaced “wp-content/plugins/googleanalytics/js/bootstrap.min.js” with stock bootstrap (v 3.3.7) and it works fine now.
- This reply was modified 9 years, 5 months ago by captainhypertext.
These are the other plugins installed on the site:
- All in One SEO Pack
- All in One WP Security
- Better Search Replace
- CP Media Player
- Custom Meta Boxes
- Formidable
- GT3 Page Builder
- Ninja Forms
- Revolution Slider
- SlideShare Embeds
- UpdraftPlus – Backup/Restore
- WP Job Manager
- WP Super Cache
Everything worked fine on my third site as well, so it’s only this one that’s having trouble.
- This reply was modified 9 years, 5 months ago by captainhypertext.
The plugins page says I’m using 2.0.2 (I swear I updated to 2.0.3 a few minutes ago :/). Either way, it’s not prompting me to update.
Forum: Plugins
In reply to: [WP 2-step verification] LOCKED OUT of my own site
If you could access FTP, you could just rename the folder of the plugin, and that would disable it.
Forum: Fixing WordPress
In reply to: WordPress Sites Hacked – XSS in Theme Header
No…no I wasn’t aware that my site was vulnerable to attack. Thank you for telling me.
This server actually runs several WordPress sites, which I’ve de-facto inherited responsibility for since our company won’t hire a proper server admin. Some are old and unused, some are for clients, and a few are important ones that are in use for the company.
But they’ve just been sitting there for a while, and it seems they’re pretty messed up. The malicious scripts kept appearing in the header.php’s of all the themes each day. I’ve found at least three back door php scripts that are either obfuscated or run eval($_GET['cmd']), so that might be why.
This is clearly some kind of exploit, so I was just curious if this was a known exploit of WordPress or some plugin, so I could identify exactly where the vulnerability was. Just updating WordPress and hoping it’s fixed really doesn’t cut it.
At this point though, we’re probably going to have to salvage what’s important and burn the server.