Support Forum

OK.I am afraid you are not going to like this very much..

The problems are in the files. And NOT just SP. Most of the other WP plugins and theme files. They have ALL been hacked and had a javascript script injected into them at the top - and in some cases at the bottom as well. It is quite possible the same applies to WP core files as well but of course I can't look at those.

As I know you have replaced many of these files - SP and your WP theme for example - then that suggests whatever is causing the code to be injected is still on the site waiting to pounce

This is out of my league to be honest. If it were me I would be wiping the site clean of ALL files and the starting from scratch to reload WP, your theme and your plugins. I would be trying to keep the database intact of course so that i can use it with the rebuilt site and hope that there is no problem with that lurking somewhere in the deep.

Sorry to have to tell you this. I am pretty appalled that your host has not been more forthcoming

No, no stop.

There is no direct evidence that the database has a problem. As I say - I am out of my league a little here but I would not make the assumption that the database is dirty. And if the Db is Ok then you will still have all of your users/posts etc.

What you should do is make a backup of the database and keep it safe somewhere. You will also want to keep your uploaded items - both from the forum and from the site. This could be a potential problem because we don't know if they are clean or not so they would have to be looked at one by one really. But for all we know - this infection is only interested in the php code files.

If you know anyone who DOES know about this sort of stuff and they owe you a favour then now is the time to call it in!