![]() ![]() ![]() Thank you all cause did put me in right direction to solve it. So has some friends pointed out here, the vulnerability comes from Elementor Pro + Woocommerce. Still have no clue on what was the flaw that allowed this and how to protect it from future attacks. I'll keep on digging and when find a solution for my case I'll share it. I don't know what values it should have but mailserver_pass password yes is not a good value for sure. At the wordpress _options table the following fields mailserver_url, mailserver_login, mailserver_pass also have strange values.I've changed it to my website url and this way had access to the wp cpanel. I have checked my _options wordpress table (the suffix may not be "wp", thank you Dimistris for pointing this table) and the field siteurl had indeed a hacked url.htaccess file and theme's header.php, footer.php, functions.php files and found nothing unusual there. An hour ago my website presented this output:Īnd after it started redirecting to different url and chained redirects with spam and ads.Also noticed there were new strange users being created. 16 hours ago I received a strange email saying the admin email had changed to Admin email sent through the website (like creating new user) started giving errors.Using Wordpress | Blueshost server | Cloudflare CDN | Elementor.and possible will have more info in an hour or so. It seems like it's exploiting some common flaw. I'm having the same issue starting a few hours ago.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |