I have a client with his wordpress site hacked. The hackers added new folder and files and changed the index.php. I would like to know if when this happens, Could the hacker add also malicious code inside the pages, posts, comments or even images? I suppose the hackers inject the code in common wordpress files like index.php or footer.php , something that is always displayed. Am I right?
Asked
Active
Viewed 205 times
1
-
4Possible duplicate of [How do crackers upload php scripts to Wordpress' wp-content directory?](http://security.stackexchange.com/questions/54917/how-do-crackers-upload-php-scripts-to-wordpress-wp-content-directory). Also [WordPress hacked, found suspicious file](http://security.stackexchange.com/questions/104808/wordpress-hacked-found-suspicious-file), [My Hacked(?) Wordpress Sites](http://security.stackexchange.com/questions/101758/my-hacked-wordpress-sites) and [lots of others](https://www.google.com/search?q=site%3Asecurity.stackexchange.com+wordpress+hacked) – Steffen Ullrich Nov 27 '16 at 08:49
-
1is not the same question, he asked how the hackers injected files in his wordpress and I'm asking which files can be affected, are also pages and posts vulnerable to be code inkected? – Daniel Gil Nov 27 '16 at 09:00
-
4Have you looked at all the other questions here which ask about wordpress hacks? Also, if the site is hacked or if you have an insecure or even malicious plugin *everything* can be effected including but not restricted to changed PHP files, images, posts, comments... – Steffen Ullrich Nov 27 '16 at 09:12
-
4See also our canonical question on [how to deal with a compromised server](http://security.stackexchange.com/questions/39231/how-do-i-deal-with-a-compromised-server). – S.L. Barth Nov 27 '16 at 09:19
-
thanks S.L. Barth, it was a good article. So, if I should not use the same data from a hacked website, although I have a backup teoretically previous of the attack, What should I do? Write manually (without export/import) all the pages, posts and comments? – Daniel Gil Nov 27 '16 at 14:38