Random files and directories in a few (but not all) WordPress installs on my server

I’ve just discovered a number of random files on my Windows web server hosting a number of WordPress sites. The file and directory creation dates are all the same, but it’s only for the sites with WP 6.1. All of these sites are running the free WordFence and all scans detect them as malicious, but I’m just wondering how I can determine what the exploit is and how they got there…



1 Comment
  1. Start off by checking your plugins against somewhere like https://patchstack.com/ (or even using their automated service).

    Note that it’s not a certainty that this vulnerability exists on all sites – it could just be one and the vulnerability permitted directory traversal into other installations – this depends largely on how the server is configured.


This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer