Web Attack: Mass Injection Website 19

I have a wordpress website (www . newhopeinnumine . com) that is being blocked by Norton 360 with the message: Web Attack: Mass Injection Website 19.  I can't find any indication of malicious code and when I visit the website from a device not secured by Norton, the website shows no signs of being hacked.  I need help determining what is causing this false positive and how to resolve it.

I agree, the site must be updated or it will be hacked (again?) and may attack victors. I took a glance at the site in it's current state and found (at the moment, for me only) that there was no obvious attack code.

Maybe the site is clean at the moment and needs updated to keep it that way, or maybe it is still infected an the infection is being tricky (hiding).

password My intent is to invoke that the current version of WordPress is the issue. Without an upgrade the site will continue to be presented as malicious and vulnerable to code injections. The site owner should have it reviewed per the post by CON_OPS as stated here.

https://community.norton.com/en/comment/6891711#comment-6891711

 

Cheers

SoulAsylum:

password If you are running Norton this site block should appear with every instance of trying to access it. No matter the browser you are using since it has been reported. Cheers.

I know, I had to bypass that to analyze the site, which I found nothing suspect script-wise. That could mean the site is cleaned up, or I didn't look hard enough, or that the infected site decided not to serve malicious content to me.

password If you are running Norton this site block should appear with every instance of trying to access it. No matter the browser you are using since it has been reported. Cheers.

Yes the site is outdated and vulnerable to attack. Currently I don't see attack scripts on the URLs the Norton flagged, but since this is a potentially compromised server it may be that the site only attacks 1 out of ever 20 visitors.

If the original poster @poochokid can verify what version WordPress the church site is using that will tell how the vulnerability to the site happened. WordPress 4.7.x versions through 4.7.5 are vulnerable to code injection as well as other bugs.

https://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/

WordPress version 4.8 should be used to totally redo the site and rid it of being vulnerable.

https://wordpress.org/download/

church.PNG

Hi everyone, i have the same problem.

Could someone help me, how to fix it?