Many WordPress blogs were infected by a malicious plugin named ToolsPack. This plugin is a backdoor that allows any attacker to execute arbitrary PHP code on the infected website. The plugin contains only one file named ToolsPack.php. This file contains the backdoor.


Remove this plugin from your website. Delete the ToolsPack plugin directory from your WordPress /wp-content/plugins/ installation.


Related Vulnerabilities