27Mar
WordPress site infected index.php file [closed]
My wordpress has been infected in its index.php file. They insert malicious code at the beginning of the file and change the permissions of the file to r-- r-- r--. As root I modify these permissions to be able to edit it and remove the code but after a while it is infected again and with the permissions changed. I have run Wpscan on the site and it tells me the site template may suffer from this vulnerability: https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c/
I follow the instructions, delete the lang_upload.php file and it still gets infected again. I've updated the plugins and run Wordfence but it doesn't find anything flagged. Does anyone know how to fix this? Thank you very much.
