In this post I just want to tell you about-

– Locating the malicious codes that being injected in wordpress website files

– Removing those codes

Starting from the symptoms  that shows you that your wordpress website have been hacked or some malware is there on the site.

1- Unknown users in admin panel: If you see n number of unknown users in your wordpress admin panel which you think are fake or created automatically, then it means that site being hacked and passwords are compromised.

2- A malware warning by browser –


How to remove this –

Usually the hackers injects the malicious code in some selected wordpress files. index.php, footer.php, header.php and sometimes in all the files of wordpress. If the code is in only the 3 files then you can clean it easily, but if the code is in all files the its a bit hard to clean.

Just check these files and delete the code. After that, you have to login to google webmasters account and submit the site for a review. Google reviews the site and then you will not see this warning of malware, if code have been removed successfully.

See the snapshot for your reference.

wordpress footer malicious code
wordpress footer malicious code

Hope this help you…. Share if you like it.