My website has been hacked

A recently discovered vulnerability in Wordpress platform leaves your site open to attack. That’s why it is important to follow these guidelines to protect your site from unwanted malware.

1. All malware come from external sources and try to infect the active theme. That’s why you have to at least clean your WordPress repository from suspicious files. But the more reliable way is to delete all files from WordPress repository (themes, plugins, uploads folder etc.) except wp-config.php file and upload the new ones. The latest version of the Crumina themes can be download from a customer’s Themeforest account. The latest versions of third-party plugins, that come bundled with the themes, can be downloaded from this page.
2. Most viruses penetrate to the site by password guessing. That’s why it is also recommended to change your WordPress and FTP login credentials.
3. It is recommended to install and set up some WordPress security plugin.
4. As additional protection, you can change your wp-login page name with some WordPress plugins, like Rename wp-login.php.
5. It is strongly recommended to update themes, plugins, and WordPress in time.

All these steps will prevent your site from infecting.