malicious code 336988

  • Author
  • #1112481


    I have about 15 WordPress installations (at 3.4 and 3.5). On December 12 and again on December 30, someone/something injected malicious code into hundreds of html, php and js files in a directory on my server, and deposited malicious .htaccess files. The code is commented with the # 336988.

    Google shows one other person with this issue, and so far the best guess is that there’s a plugin with a vulnerability.

    Any ideas?



    You did not specify a blog address or reason for posting when you created this topic.

    This support forum is for blogs hosted at If your question is about a self-hosted WordPress blog then you’ll find help at the forums.

    If you don’t understand the difference between and, you may find this information helpful.

    If you forgot to include a link to your blog, you can reply and include it below. It’ll help people to answer your question.

    This is an automated message.


    pwforaker do you have skype, mail, anyway to talk with you?

    Because “my website” was also hacked but is not a WP website, is custom made and i would like to know how, that “number” i think that is the name of the hacker…. first i thought that was a “hack numer” like ID for the website hacked, but now i see that is not true….

    Can you please send me all the info that you have about this topi? In my site i just saw .js and .html “hacked” but i noticed some .htacces in on other websites.



    The site you are asking about does not seem to be hosted on WordPress.COM so you need to make friends over at WordPress.ORG the keepers of the software you are using.

    This site is for support of sites hosted on WordPress.COM. You should address your questions to WordPress.ORG the keepers of the software you are using:

    For more on the difference:



    Hi, I’ve published a script on StackOverflow that can hepl to remove the trojan.


The topic ‘malicious code 336988’ is closed to new replies.