How to delete WordPress malware ($_REQUEST[‘action’]) && isset($_REQUEST[‘password’]) &&

This type of malware causes unwanted redirects to third-party websites, and is commonly found inside nulled theme’s functions.php file

Source code:

How to remove this WordPress redirects?

  • Delete wp-vcd.php and class.wp.php files from wp-include folder
  • Edit post.php and delete the malicious code
  • Edit your theme’s functions.php file, and delete the above code ☝️

UPDATE: I recommend reinstalling WordPress as instructed here: How to clean up a hacked WordPress site (Complete Guide)

Was this post helpful?

Leave a Reply