Loading malicious script #13
Comments
yeah, definitely malicious! Solution: Deactivate then deinstall the plugin in Wordpress. We also had to restart the Wordpress server to clear some caches. |
This is now also registered in WPScan's database and the plugin has been removed from the WordPress plugin repo. |
Hi. I have this problem on my site. I removed the plugin ages ago but getting this malicious re-direct. Is anyone able to explain how to clear the Wordpress caches as mentioned above? |
I have been trying to fix this today. I could see the line in my code when viewing source on the live webpage but not in the source through the Wordpress editor. But after pouring over it, I just spotted a small icon in the source code - like a video icon - and that was it. I've removed that and it seems to have gone from my site. I hope! |
We have Wordpress deployed with docker-compose. So we restarted the container with 'docker-compose down' 'docker-compose up'. Afterwards the references to climatestrike disappeared. I am also not a Wordpress expert so i dont know what exactly this did and how it translates to your situation. |
This plugin loads a script from
https://assets.digitalclimatestrike.net/widget.js
. This file may have been compromised as it redirects users to gladdiator[dot]io.Our scanners are picking this up as malicious.
The text was updated successfully, but these errors were encountered: