On this website :
When i look for “fuckyou4321”, i found :
Data: echo (123454320+1);exit();
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion
If i take my last backup, the 18th december 2017 (i’m going to restore, i don’t know if a backdoor is added), i don’t find the line with $_POST[‘dd’], and my infected version on dropbox is from 18th january 2017 (oldest)
The oldest log for apache in /var/log/apache2, is from the 25th february, so it’s impossible to check the request with GET parameter… 🙁
So it’s a hack of my website
Welcome to the Advanced Custom Fields community forum.
Browse through ideas, snippets of code, questions and answers between fellow ACF users
Helping others is a great way to earn karma, gain badges and help ACF development!
© 2023 Advanced Custom Fields.