Avatar of Dbast
Dbast
 asked on

How to find an alleged malicious script in WordPress site

A visitor to my Web site at https://giving.heartland.org/ says "Kaspersky advised me it had blocked a malicious URL, and I thought I'd check your source to see if it was your site. Turns out it was, at the very bottom of your source code you have some malicious code executing an iframe to a malicious site via JavaScript."

A quick virus scan of the page online suggested he might be right. How in the world do I go into the WordPress code to find this and get rid of it?
VulnerabilitiesWordPressJavaScript

Avatar of undefined
Last Comment
Dbast

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Jason C. Levine

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Dbast

ASKER
This is EXACTLY what I was hoping for, thank you very much for great response and fast!
Jason C. Levine

You're welcome :)

Another fast thing to check is to look at the file modification dates on the themes and plugins.  If the attack happened recently, one of the files will stand out with a recent modification date and that should be a pretty good indicator...
Dbast

ASKER
That's a very good point, thanks again.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy