If you have been infected with a type of WordPress malware that embeds malformed JAVASCRIPT code (which causes malformed redirects and other behavior) in a large number of posts, we will explain how to remove this code.


Incorrect JAVASCRIPT code in numerous WordPress posts

This type of malware continuously embeds large amounts of malicious JAVASCRIPT code in the data of database posts via a backdoor.
For example, it may embed the following JAVASCRIPT code to send users to a malicious site, or it may delay detection by recording access times in cookies so that it only works in rare cases.

<!--codes_iframe-->

<script type="text/javascript"> function getCookie(e
The incorrect code continues
,document.write('<script src="' src '"><\/script>')} </script>
<!--/codes_iframe-->

The sheer volume of this malware makes it a difficult type of malware to remove manually.

Let’s see how to mechanically remove this huge amount of malware. ( Please be sure to backup your database before trying this )

How to get rid of it Bulk Replace by plugin

The Search Regex plug in searches for various strings in the data of WordPress posts and replaces them all at once.

After installing and activating this plugin, go to the Tools > Search Regex screen in the WordPress administration screen and select the malware string you wish to replace in the search string and the replacement string should be a single space.

After this, click the Replace All button to complete the batch replacement.

What if we get rid of the incorrectly embedded JAVASCRIPT?

Even after successful disinfection, we still need to remove the cause that made it possible to embed this string.
As an example, the following causes could have been tampered with by hackers

1 Seizure of WordPress administrator privileges → change the administrator’s password
2 Vulnerability of plugins, etc. → Update WordPress and plugins and perform vulnerability checks
3 Backdoor -> There may be a program embedded in the site to illegally rewrite the database. We will perform a malware inspection.

It is also recommended to install security plug-ins.
What security experts recommend in a WordPress security plugin