WordPress vulnerability issue

My wordpress website have just been hacked and after looking at logs I saw that they exploited this file: www/wp-content/themes/mytheme/style.php

When browse this link www.mywebsite.com/wp-content/themes/mytheme/style.php I find an input field with a button. So I guess that’s where they uploaded their shell script.

$wp_auth_check = '<form method= "post" action= ""> <input type= "input" name= "_f_wp" value= ""/><input type= "submit" value= "&gt;"/></form>';

How can I solve this vulnerability? Thanks

Read more here: WordPress vulnerability issue

Leave a Reply

Your email address will not be published. Required fields are marked *