Attackers Inject Code into WordPress Theme to Redirect Visitors

In a recent article we discussed some of the reasons sites are frequently attacked. That article covered browser redirects, and we’ll explore an example of such a case here.

Website themes are a common attack vector for many reasons. The theme is guaranteed to load on every page; that is the core design of any site, and themes can easily be customized in the site’s admin panel. However, sometimes an attacker will inject code directly into the theme’s files since those are not readily visible by a website administrator, and any changes may go unnoticed unless the admin is specifically looking through the site’s directory structure and manually inspecting code.

Let’s take a look…

To read the complete article see: Read More