Best Blackhat Forum

beware install any theme or plugin wp outside bbhf or user untrusted
my experience, i have install any theme like voice, newspaper, etc from nulledpkdotcom, wordpresskhazanadotcom.....
check that theme on virustotal, i get that theme clean of virus
glad to know that theme clean of virus
but a few day later i am login to phpmyadmin
i am shock, i get user registered as admin besides me
as soon as possible i delete that user and uninstall theme.
so, be careful install any theme and plugin, they can insert any script into theme like :
- insert sql
- insert ads
- insert backlink
- etc
there's nothing wrong if you buy a theme from developer, group buy on bbhf and register as vip on bbhf because u will get clean theme from user trusted
just share my experience and sorry my english is not good.

thank you

Thanks for the heads up OP. The exact same thing happened to me but at the time
I didn't know where it was coming from but I eventually figured it out.

I had the newspaper theme installed, disabled and deleted it then the problem was fixed.

Lesson learned.

did you run TAC or Exploit Scanner on the Blog?

Following with interest !!

no,
sometime, u should logout from your admin account wp
if you see an ad that is not yours (usually ad pop up)
pm me, may i can help you

Thank you very much for sharing your experience. Very helpful.
This increases my trust in BBHF. and members.

Once again Thank you to all the members who share genuine.

Thank you a lot

yeah gotta be careful when you download stuff

Good Information...too many people do not realize that Virus Total typically does not scan Wordpress themes and plugins for exploits...Virus Total scans for viruses...not malicious php code inserted into a theme. Too much ignorance in this community which is unfortunate.