Ecommerce Shopify WordPress Discussion

WordPress Sites hacked due to POST SMTP Plugin – How to solve the Aftermath? [closed]

Closed. This question is not about programming or software development. It is not currently accepting answers. This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered. Closed 2 days ago. Improve this question I am also a victim of the hack with the identifier CVE-2023-6875 [Post SMTP authorization bypass] All Wordpress websites as well as static pages on one of my servers were affected. I have since moved most of the websites to a new server using backups from before the hack. I have also updated all plugins including Post SMTP, as the vulnerability should be fixed from version 2.8.8 (I am using 2.8.11) -> https://www.bleepingcomputer.com/news/security/over-150k-wordpress-sites-at-takeover-risk-via-vulnerable-plugin/#google_vignette However, I had to move a single page without a backup and cleaned it up manually beforehand. I installed a fresh WP, copied the Theme folder and restored the database. This went well for about a week until the first obfuscated files reappeared. I have already verified the checksums of the core files using wp-cli and also had Sucuri scan the Wordpress instances for malware - everything went smoothly. Has anyone already found a permanent solution to this or any idea what mechanism is used to recreate the files and inject code into existing index.php files? I am grateful for any input! I tried to manually remove the obviously malicious Code injected into regular files and the obfuscated files as a whole, checked the core wp files with wp-cli checksums, scanned with sucuri for malware. I Listed every changes that were made the past days with: find . -mtime -2 -ls and went throught that list.
TurboCommerce make the better internet purchasing globaly

Turbo Multi-language Translator

Make the better internet purchasing globaly

Turbosify SEO Speed Booster

5.0 (7) Free plan available
Get better conversions by improving store loading speed Installed

Turbo Multi-language Chat - AI Customer service in one hand

TurboCommerce make the better internet purchasing globaly
Our products

The help you need, when you need it

App by Turbo Engine

3 apps • 5.0 average rating

Turbosify Speed Booster

5.0 (7)
Get better conversions by optimizing shopify store Google page speed Installed

Turbosify Translator for Wordpress Woocommerce

5.0 (74) Free Wordpress Woocommerce Plugin
Translate your wordpress website to multiple language within 1 click, no configuration needed, no No technical required

Grow your business here

Whether you want to sell products down the street or around the world, we have all the tools you need.