In my wordpress site script added in footer on wp_footer action.
- Script show in all themes (including default themes) I have disable
all plugins but still show.
- I am using wp 4.7.3 so i replace wp-admin/wp-include folder with fresh downloaded files. (Problem not solved)
- I replace twentyseventeen theme with fresh files, now virus script not show
in default themes but showing in main theme.
- I search in my theme, there is no eval(), base64_decode(), x64
kinds of codes.
- I print all list of wp_footer hooks but that’s not help me..
- Install “simple show hooks” plugins, its also not work.
- This virus script not work when admin/user is login, so i also try to find is_user_logged_in() function but nothing found.
- I search in whole database “x64, eval(, base64, apu,etc” also not found in db.
- Install Anti malware security but not working.
- If i remove wp_footer() function, then virus script not show.
What should i do now?
How to find virus location/hook?
Is there any wp action/filter, that hook after each action /filter hooked??
Read more here: WordPress virus, popads script added on wp_footer action