Home Forums Archived Forums Weaver II Theme Weaver II Pro Existing site with embedded hack code

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
  • #51798

    We have an existing site in Weaver II Pro. I know we need to migrate but just can’t do it now. Discovered that most pages on the site have some embedded code that is not part of anything accessible via WP or Theme settings. It is inserted directly after <!–#wrap-header –> == $0. The inserted code is:

    The link is slightly different on some of the pages. I guess it got there through some kind of hacking although malware scans don’t find any issues.

    If I re-load the whole theme will that clear all these out? If so, can you advise the best way to do this (backup all the settings, remove weaver II completely, reload the theme, restore the backup settings?). I want to be sure I don’t wreck the whole site.



    The code is:

    < div class=’apotek’ id=’709855′>

    < /div>


    First deactivate ALL non weaver plugin, to make sure it is not coming from one of them.
    If the code goes away, reactivate one by one testing in between to find the culprit.
    If the code is still there, then you may have been hacked. If so, it is hard to know how deep it has been placed.

    Downloading a copy of your settings, then switching to a different theme would allow you to see if the code is still there on a different theme.
    If so, the hack is in the WordPress installation.
    If the code is not there in another theme, then make sure you download a copy of the weaver theme and plugin, then delete all Weaver theme and plugins, and then reinstall from scratch. All your settings should be back automatically.


    You can also try running a scan with a security plugin. I have used Wordfence on a site that was hacked and it found and deleted the code.


    Interestingly enough, Wordfence does not see this. I scan all sites daily with Wordfence looking for just about everything and it never reported it. I have since uninstalled Weaver II and then installed again (2.2.2 to 2.2.4) and all works OK and the hacker code is all gone. Guess I now better start reading up on how I’m going to convert to Weaver Xtreme! Thanks for the help.


    Since Weaver II is obsolete and no longer available from WordPress.org, Wordfence does not have access to the original theme files to do a comparison looking for changes.

    This will be true for any non-WordPress.org theme or plugin.

Viewing 6 posts - 1 through 6 (of 6 total)
  • The forum ‘ Weaver II Pro’ is closed to new topics and replies.