Hi Folks
Our server malware detection has found a number of sites that use WordFence but have had Malware installed on them without WordFence picking it up.
Exploit has been installed by modifying wp-con-PHP and is coming up as mr.dellationx196.bogor.blackhat.1
I am not putting the full site links on here due to security and further potential exploit, but here are the location of the malware:
/public_html/staging/wp-content/themes/twentynineteen/wp-con.php (Dormant Theme)
/public_html/wp-content/themes/MinimalChild/wp-con.php (active theme)
Any ideas why WordFence is not picking these up?
Regards