Eval Base64 virus WordPress

This is a PHP Code Injection attack that is most likely attempting to exploit a known vulnerability in the wordpress framework. It is using Base64 encoded PHP code to inject itself onto your hosting server via eval() which is a programming language construct that is present in nearly all programming languages, including PHP. Hacker’s with extremely organized and advanced abilities have made use of this exploit recently to wreak absolute havoc on compromised wordpress sites so be extremely careful when handling this type of problem.

Check this file in your server.

Eval virus on wordpress


Resolve this by installing Wordfence plugin on wordpress.

Sample of scan result by Wordfence:

Critical Problems:

* File appears to be malicious: deleteme.3f5fe81bdc2a49b2a31ee5b7521ad1c8.php

* File appears to be malicious: deleteme.630abfc852014f0da9dd764b4f6e89aa.php


Make sure to backup files before taking any actions.



Leave a Reply

Your email address will not be published. Required fields are marked *