{"id":1111,"date":"2021-03-12T16:22:42","date_gmt":"2021-03-12T15:22:42","guid":{"rendered":"https:\/\/dotinum.com\/blog\/?p=1111"},"modified":"2025-09-19T10:16:56","modified_gmt":"2025-09-19T08:16:56","slug":"my-wordpress-has-been-hacked-how-did-this-happen","status":"publish","type":"post","link":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/","title":{"rendered":"My WordPress has been hacked &#8211; how did this happen?"},"content":{"rendered":"\n<p style=\"text-align: center;\"><em><strong>TL;DR<\/strong> WordPress security issues are a common concern, and outdated plugins or themes are often the main reason behind successful attacks. In this article, you\u2019ll learn how WordPress websites get hacked, what the consequences may be, and which popular plugins recently had vulnerabilities (Contact Form 7, Easy WP SMTP, Redux). You\u2019ll also find out how tools like WordPress Toolkit, ImunifyAV, and Imunify360 can help keep your website safe, and what to do immediately if your site has already been compromised.<\/em><\/p>\n\n\n\n<nav aria-label=\"Table of Contents\" class=\"wp-block-table-of-contents\"><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#how-wordpress-is-hacked\">How WordPress is hacked?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#what-can-be-the-consequences-of-a-hack\">What can be the consequences of a hack?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#popular-plugins-with-vulnerabilities-in-december-2020\">Popular plugins with vulnerabilities in December 2020<\/a><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#wordpress-easy-wp-smtp-plugin\">WordPress Easy WP SMTP Plugin<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#redux-plugin\">Redux Plugin<\/a><\/li><\/ol><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#automatic-updates-using-wordpress-toolkit\">Automatic updates using WordPress Toolkit<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#my-wordpress-has-been-hacked-how-to-go-with-it\">My WordPress has been hacked \u2013 how to go with it?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#faq\">FAQ<\/a><ol><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#why-do-wordpress-sites-get-hacked\">Why do WordPress sites get hacked?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#what-are-the-most-common-consequences-of-a-hack\">What are the most common consequences of a hack?<\/a><\/li><li><a class=\"wp-block-table-of-contents__entry\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#how-can-i-protect-my-wordpress-from-hacks\">How can I protect my WordPress from hacks?<\/a><\/li><\/ol><\/li><\/ol><\/nav>\n\n\n\n<p class=\"wp-block-paragraph\">WordPress and issues related to its security are common notions occurring in questions from our clients, and therefore a regularly appearing topic on our blog. Last weeks have brought many bad events \u2013 websites based on WordPress have been hacked all over the world due to \u201cleaky\u201d plugins.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Read how to find out what happened and how it might apply to you.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"how-wordpress-is-hacked\"><strong>How WordPress is hacked?<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Our clients very often write to us \u201cbut I haven\u2019t done anything with my website for the last 5 years\u201d. Unfortunately, most often this is the cause of hacks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">What could have led to the hack:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An outdated version of your WordPress.<\/li>\n\n\n\n<li>Outdated installed plugins.<\/li>\n\n\n\n<li>An outdated theme.<\/li>\n\n\n\n<li>Malware attack, that infects your PC and steals the password to your website hosting account.<\/li>\n\n\n\n<li>Using the same password on various services and the leakage of password from a different service.<\/li>\n\n\n\n<li>Keeping another, \u201cleaky&#8221; WordPress site on the server, for example, an old version of a page from 2009 in the &#8220;old&#8221; folder.<\/li>\n\n\n\n<li>Keeping on the server the software other than WordPress which has leaks (e.g. outdated Drupal).<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Remember that the password cannot be leaked on our side. The reason behind this is we, as a service provider, don\u2019t keep your login passwords. Instead, we store their cipher and password verification is undertaken through the comparison of ciphers, not passwords.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what-can-be-the-consequences-of-a-hack\"><strong>What can be the consequences of a hack?<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">After a successful attack, a hacker places on your account an executable file which gives a possibility to change any other files. The hacker may spread malware all over your account, modify the existing files, add malicious cron jobs, and so on. Such code is most often encrypted so it will be difficult to trace the principles of its operation.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Our observations show that most attacks are not aimed at a specific website. Break-ins to steal data are not so common.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The most common effects of gaining unauthorized access to your WordPress installation are:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Sending spam<\/strong>\u00a0from your email accounts. The attackers often send many thousands of emails advertising fake financial services or including download links for malicious software. This type of spam greatly damages your domain\u2019s reputation and can mark your emails as spam.<\/li>\n\n\n\n<li><strong>Malware distribution<\/strong>. Websites encouraging to install the unknown programs are placed on your domain. Links to them are then \u201cadvertised\u201d, e.g. in social media.<\/li>\n\n\n\n<li><strong>Spam SEO<\/strong>. There are new subpages on your website with positioning links to others. The attackers use the reputation of your website for their purposes.<\/li>\n\n\n\n<li><strong>Website destruction<\/strong>. The attacker may delete a part or all files \u201cfor fun\u201d. In this case, recovering them is usually possible from a backup.<\/li>\n\n\n\n<li><strong>Personal data leakage<\/strong>\u00a0of your website. This is the worst-case scenario &#8211; it is associated with high penalties resulting from legal provisions.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"popular-plugins-with-vulnerabilities-in-december-2020\"><strong>Popular plugins with vulnerabilities in December 2020<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Contact Form 7<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Contact 7 is a very popular plugin for creating various application forms on websites based on WordPress. Most often it is a contact form. The plugin is easy to use, used by more than 5 million websites in the world.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">On 16 December 2020, the error description with the CVE-2020-35489 code was published. A vulnerability was found in 5.3.1 and earlier versions of this plugin allowed to place any file on the server without any authorization. It allows the attacker to have full access to a given website hosting account.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"660\" height=\"431\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/contact-form-7.jpg\" alt=\"screenshot from contact form 7\" class=\"wp-image-1142\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/contact-form-7.jpg 660w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/contact-form-7-300x196.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/contact-form-7-551x360.jpg 551w\" sizes=\"auto, (max-width: 660px) 100vw, 660px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">The new 5.3.2 version of the Contact Form 7 plugin was immediately released which fixes this issue. Users of this plug-in should update it as soon as possible.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"wordpress-easy-wp-smtp-plugin\"><strong>WordPress Easy WP SMTP Plugin<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">WordPress Easy WP SMTP Plugin has half a million active installations. The plugin allows you to force WordPress to send all emails using SMTP &#8211; so not from PHP level but similar to an email client. It increases the delivery level of emails.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"772\" height=\"250\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/smtp.png\" alt=\"screenshot of smtp\" class=\"wp-image-1143\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/smtp.png 772w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/smtp-300x97.png 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/smtp-768x249.png 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/smtp-640x207.png 640w\" sizes=\"auto, (max-width: 772px) 100vw, 772px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">It is true that error in the plugin is not as important as in the case of Contact Form 7, but it allows to list all files in the folder in which it is placed. It allows finding a log file that can contain information about WordPress admin panel login. The attacker calls the administrator password reset and then he finds the password reset code in the log file.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This vulnerability has been removed in version 1.4.3 of the Easy WP SMTP Plugin.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"redux-plugin\"><strong>Redux Plugin<\/strong><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Redux is an extension with over a million active installations. It expands the possibility of Gutenberg editor in various templates. It allows for the easy creation of great-looking websites in WordPress thanks to a library of more than 1,000 finished templates for self-adaptation.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"773\" height=\"248\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/redux.jpg\" alt=\"screenshot of redux\" class=\"wp-image-1144\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/redux.jpg 773w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/redux-300x96.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/redux-768x246.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/redux-640x205.jpg 640w\" sizes=\"auto, (max-width: 773px) 100vw, 773px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">The detected vulnerability is of the CSRF type (Cross-Site Request Forgery). It allows the attacker to use the authorizations of the currently logged-in user (administrator) to send commands without the knowledge of this user. WordPress has a so-called \u201cnonces\u201d mechanism, one-time tokens to authenticate requests. As it turns out, Redux has been verifying the correctness of nonces only when they appeared in the request. In the case of their absence, the request was simply executed.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This vulnerability was patched on December 12, 2020, in version 4.1.24 of this plugin.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"automatic-updates-using-wordpress-toolkit\"><strong>Automatic updates using WordPress Toolkit<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Since November 2020, WordPress Toolkit has been available on our servers. It is a tool both for a simple installation of any WordPress domains connected to your server as well as for managing existing updates.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">WordPress Toolkit allows among others for automatic updates of your WordPress and all add-ons.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To switch on this option, log in to the server administrator panel (cPanel) and go to WordPress Toolkit. You will see a list of all WordPress installations on your account. Each of them has an &#8220;Autoupdate settings&#8221; switch. Here you can update WordPress, plugins, and themes. We recommend enabling all those options.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1023\" height=\"731\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/wp-toolkit.jpg\" alt=\"screenshot of wordpresstoolkit\" class=\"wp-image-1145\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/wp-toolkit.jpg 1023w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/wp-toolkit-300x214.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/wp-toolkit-768x549.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/wp-toolkit-504x360.jpg 504w\" sizes=\"auto, (max-width: 1023px) 100vw, 1023px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">If there is an update of a given plugin related to security, WordPress Toolkit will update it without manual action. Thanks to this, your website will be safe. Is it cool? Sure it is.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"my-wordpress-has-been-hacked-how-to-go-with-it\"><strong>My WordPress has been hacked \u2013 how to go with it?<\/strong><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">You have to act as soon as possible. Each day of delay means losses resulting from the lack of website operation and also decrease in SEO position, including even a threat of complete removal of the website from Google index.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The hosting provider is obliged to immediately block a hacker in case of a hack. It usually means blocking access to the entire WordPress installation. However, access is still possible from the cPanel or FTP level.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Using antivirus scanner&nbsp;<strong>ImunifyAV,&nbsp;<\/strong>&nbsp;you may find all infected files on your website hosting account:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1022\" height=\"671\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/imunify.jpg\" alt=\"screenshot of imunifyav+\" class=\"wp-image-1146\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/imunify.jpg 1022w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/imunify-300x197.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/imunify-768x504.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/imunify-548x360.jpg 548w\" sizes=\"auto, (max-width: 1022px) 100vw, 1022px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">You can also use&nbsp;<strong>Imunify 360<\/strong>. It\u2019s proactive protection that helps to prevent the majority of attacks. However, if a hack occurs, Imunify 360 will automatically clean or remove the malware.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1010\" height=\"738\" src=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/immunify.jpg\" alt=\"screenshot of immunify\" class=\"wp-image-1147\" srcset=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/immunify.jpg 1010w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/immunify-300x219.jpg 300w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/immunify-768x561.jpg 768w, https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/immunify-493x360.jpg 493w\" sizes=\"auto, (max-width: 1010px) 100vw, 1010px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">However, just removing the malicious files may not be enough. You need to obtain access to the WordPress panel in an isolated way, to perform necessary clean-ups and updates, and also solve the problems arising from the attack.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"faq\">FAQ<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"why-do-wordpress-sites-get-hacked\">Why do WordPress sites get hacked?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Most attacks result from outdated plugins, themes, or WordPress versions. Other causes include weak passwords, malware-infected computers, or leaving old \u201cleaky\u201d sites on the server.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"what-are-the-most-common-consequences-of-a-hack\">What are the most common consequences of a hack?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">A hacked site may send spam, distribute malware, host spam SEO pages, or even leak personal data. In severe cases, files may be deleted.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"how-can-i-protect-my-wordpress-from-hacks\">How can I protect my WordPress from hacks?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Enable automatic updates with <strong>WordPress Toolkit<\/strong>, regularly update plugins and themes, and use security tools like <strong>ImunifyAV<\/strong> or <strong>Imunify360<\/strong>.<\/p>\n\n\n<div class=\"wp-block-post-author\"><div class=\"wp-block-post-author__avatar\"><img alt='' src='https:\/\/secure.gravatar.com\/avatar\/5c8ab8e275fda9a05067c86ad1d766b9e3ef89ae02055ef6787d25309db6a02f?s=96&#038;d=mm&#038;r=g' srcset='https:\/\/secure.gravatar.com\/avatar\/5c8ab8e275fda9a05067c86ad1d766b9e3ef89ae02055ef6787d25309db6a02f?s=192&#038;d=mm&#038;r=g 2x' class='avatar avatar-96 photo' height='96' width='96' \/><\/div><div class=\"wp-block-post-author__content\"><p class=\"wp-block-post-author__byline\">Written by<\/p><p class=\"wp-block-post-author__name\">Agnieszka Pawlak<\/p><p class=\"wp-block-post-author__bio\">Marketing and graphic specialist in Dotinum. 5 years in marketing, over 10 in the graphic field. Outside Dotinum she curates content for 4 other brands. Loves games, reading, and baking.<\/p><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>TL;DR WordPress security issues are a common concern, and outdated plugins or themes are often the main reason behind successful attacks. In this article, you\u2019ll learn how WordPress websites get hacked, what the consequences may be, and which popular plugins recently had vulnerabilities (Contact Form 7, Easy WP SMTP, Redux). You\u2019ll also find out how [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":1141,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[132,107],"tags":[106,8,7],"class_list":["post-1111","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-wordpress","tag-hacked","tag-wordpress","tag-wordpress-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>My WordPress has been hacked - how did this happen? - Blog Dotinum.com<\/title>\n<meta name=\"description\" content=\"Last weeks have brought many bad events \u2013 websites based on WordPress have been hacked all over the world due to \u201cleaky\u201d plugins.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"My WordPress has been hacked - how did this happen? - Blog Dotinum.com\" \/>\n<meta property=\"og:description\" content=\"Last weeks have brought many bad events \u2013 websites based on WordPress have been hacked all over the world due to \u201cleaky\u201d plugins.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog Dotinum.com\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-12T15:22:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-19T08:16:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/my-wordpress-has-been-hacked-scaled.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1763\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Agnieszka Pawlak\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Agnieszka Pawlak\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"My WordPress has been hacked - how did this happen? - Blog Dotinum.com","description":"Last weeks have brought many bad events \u2013 websites based on WordPress have been hacked all over the world due to \u201cleaky\u201d plugins.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/","og_locale":"en_US","og_type":"article","og_title":"My WordPress has been hacked - how did this happen? - Blog Dotinum.com","og_description":"Last weeks have brought many bad events \u2013 websites based on WordPress have been hacked all over the world due to \u201cleaky\u201d plugins.","og_url":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/","og_site_name":"Blog Dotinum.com","article_published_time":"2021-03-12T15:22:42+00:00","article_modified_time":"2025-09-19T08:16:56+00:00","og_image":[{"width":2560,"height":1763,"url":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/my-wordpress-has-been-hacked-scaled.jpeg","type":"image\/jpeg"}],"author":"Agnieszka Pawlak","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Agnieszka Pawlak","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#article","isPartOf":{"@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/"},"author":{"name":"Agnieszka Pawlak","@id":"https:\/\/dotinum.com\/blog\/#\/schema\/person\/b6f597e8623959d03aefc9644bae8a43"},"headline":"My WordPress has been hacked &#8211; how did this happen?","datePublished":"2021-03-12T15:22:42+00:00","dateModified":"2025-09-19T08:16:56+00:00","mainEntityOfPage":{"@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/"},"wordCount":1403,"commentCount":0,"publisher":{"@id":"https:\/\/dotinum.com\/blog\/#organization"},"image":{"@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#primaryimage"},"thumbnailUrl":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/my-wordpress-has-been-hacked-scaled.jpeg","keywords":["hacked","wordpress","wordpress security"],"articleSection":["security","wordpress"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/","url":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/","name":"My WordPress has been hacked - how did this happen? - Blog Dotinum.com","isPartOf":{"@id":"https:\/\/dotinum.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#primaryimage"},"image":{"@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#primaryimage"},"thumbnailUrl":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/my-wordpress-has-been-hacked-scaled.jpeg","datePublished":"2021-03-12T15:22:42+00:00","dateModified":"2025-09-19T08:16:56+00:00","description":"Last weeks have brought many bad events \u2013 websites based on WordPress have been hacked all over the world due to \u201cleaky\u201d plugins.","breadcrumb":{"@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#primaryimage","url":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/my-wordpress-has-been-hacked-scaled.jpeg","contentUrl":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2021\/03\/my-wordpress-has-been-hacked-scaled.jpeg","width":2560,"height":1763,"caption":"A computer popup box screen warning of a system being hacked, compromised software enviroment. 3D illustration."},{"@type":"BreadcrumbList","@id":"https:\/\/dotinum.com\/blog\/my-wordpress-has-been-hacked-how-did-this-happen\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dotinum.com\/blog\/"},{"@type":"ListItem","position":2,"name":"My WordPress has been hacked &#8211; how did this happen?"}]},{"@type":"WebSite","@id":"https:\/\/dotinum.com\/blog\/#website","url":"https:\/\/dotinum.com\/blog\/","name":"Blog Dotinum.com","description":"Software house from Wroclaw, Poland with proven experience (since 2002) is open to work with more international customers. Learn about how we can help grow your online business.","publisher":{"@id":"https:\/\/dotinum.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dotinum.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/dotinum.com\/blog\/#organization","name":"Blog Dotinum.com","url":"https:\/\/dotinum.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dotinum.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2026\/04\/cropped-Projekt-bez-nazwy10.png","contentUrl":"https:\/\/dotinum.com\/blog\/wp-content\/uploads\/2026\/04\/cropped-Projekt-bez-nazwy10.png","width":250,"height":84,"caption":"Blog Dotinum.com"},"image":{"@id":"https:\/\/dotinum.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/dotinum.com\/blog\/#\/schema\/person\/b6f597e8623959d03aefc9644bae8a43","name":"Agnieszka Pawlak","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/5c8ab8e275fda9a05067c86ad1d766b9e3ef89ae02055ef6787d25309db6a02f?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/5c8ab8e275fda9a05067c86ad1d766b9e3ef89ae02055ef6787d25309db6a02f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5c8ab8e275fda9a05067c86ad1d766b9e3ef89ae02055ef6787d25309db6a02f?s=96&d=mm&r=g","caption":"Agnieszka Pawlak"},"description":"Marketing and graphic specialist in Dotinum. 5 years in marketing, over 10 in the graphic field. Outside Dotinum she curates content for 4 other brands. Loves games, reading, and baking.","url":"https:\/\/dotinum.com\/blog\/author\/agnieszka\/"}]}},"_links":{"self":[{"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/posts\/1111","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/comments?post=1111"}],"version-history":[{"count":4,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/posts\/1111\/revisions"}],"predecessor-version":[{"id":1912,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/posts\/1111\/revisions\/1912"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/media\/1141"}],"wp:attachment":[{"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/media?parent=1111"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/categories?post=1111"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dotinum.com\/blog\/wp-json\/wp\/v2\/tags?post=1111"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}