Dealing with the GDPR compliance plugin infection?

This is a NASTY NASTY NASTY WordPress infection that has been running very wild these past few days and infected tons of WordPress sites. Oh by the way, did we say that this GDPR Compliance Plugin Infection is NASTY?

What makes this type of infection a bit different than the others is that the infection changes the WORDPRESS ADDRESS URL of your WordPress installation inside of the database. This type of GDPR Compliance Plugin Infection will also lead your site to being blacklisted from search engines.

This means that when someone tries to visit your site, they will see a massive warning telling them that it is not safe. Like we said, NASTY right?

Here are some pointers as to how you can identify this is on your site and remove it.

  1. Change WORDPRESS ADDRESS URL in Database

The main goal of this infection is to change this URL inside of your database so the first step is to change it back to what it should be.  We will not be able to access your admin area so you must do this in your database using your web hosting control panel.  Follow the steps below.

Use phpMyAdmin to access your site database

Navigate to the options table and open it

Edit and save the row that says SITE URL

One you can login you need to update the plugin ASAP
After you complete the above, log into your site and update the GDPR Compliance Plugin right away.  The newest version of the plugin contains a patch for this infection vulnerability.

  1. Run A Website Infection Scan

Scan site URL at any of the online malware scanners below

Use a WordPress plugin to scan site or server for malicious code.
Below is our 2 favorite infection scanner plugins.FREE WordPress Infection Scanner Plugin will scan your website for malware and automatically remove any known threats. The plugin can also harden your wp-login.php page to stop brute force attacks. FREE WordPress Infection Scanner Plugin. Wordfence Security is one of the most popular security plugins available for WordPress. The plugin can scan your website core files, theme files, and plugin files, against known threats.

Often overlooked for any WordPress issue is to ask your host to investigate.
That is what they are there for.  To support your site.  You can contact them and ask them to run a scan on your server for any malicious files or code.

See a detailed post on how this type of WordPress infection happens at the link below.

Privilege Escalation Flaw In WP GDPR Compliance Plugin Exploited In The Wild


Written by