Malware Infection Breaking WordPress Websites - Blogging, Small Business, Web Design & Hosting Tips - A Small Orange

Malware Infection Breaking WordPress Websites

There is a known malware infection caused by a serious vulnerability in the MailPoet WordPress plugin. This malicious attack attempts to slyly inject Spam into the hacked site, which is causing websites to break, and focuses predominantly on WordPress sites with outdated plugins or weak admin passwords.

What It Looks Like

The infected PHP code is very buggy and is corrupting legitimate website files, as well as themes and plugin files, which causes PHP errors to be displayed instead of website content:

Parse error: syntax error, unexpected ‘)’ in /home/user/public_html/site/wp-config.php on line 91

After removing the infecting malware, the only way to remedy the issues is to restore the corrupted files from a backup. This is what the malware code looks like:

<?php $pblquldqei = ’5c%x7824-%x5c%x7824*!|!%x5c%x7824-%x5c%x7824%x5c%x785c%x5c%x7825j^%xq%x5c%x7825%x5

If you are running MailPoet, we recommend upgrading it to the latest version. 


If you aren’t able to fix the issue on your end, please don’t hesitate to contact Support. We’re happy to help.

  • Paul Arneson

    I have added ASO to my blog feed, and saw this pop up the other day, we do run a WordPress site but luckily didn’t have MailPoet installed. I just wanted to say it’s great to see a host update their users on the latest security via their blog postings, and proactively offer assistance.

    Paul Arneson

  • It’s a shame that these vulnerabilities happen sometimes. I recently moved my site away from the WordPress platform but still make use of some of the plugins since there are just so many to choose from.

    The sucky thing about these vulnerabilities though is that most of the time you won’t even know about them until you actually look at the html that is generated.