Fix SQL injections ( )

Today one customer reported a recurrent database contamination.

Site URL was injected with:
Also posts table injected with: hxxps://

Need help? Let us clean your site.

Malicious URLs and domains, hosted on

So far there are aprox. 400 reported cases, according to publicwww:

If you’re facing the same issue, in order to sort this issue, you should follow these steps:

1. Perform backup and change database password.

2. Regain dashboard admin access.

To reset site URL, check this article:
If you can edit wp-config.php file, add this code ( replace with your own domain name ).

define( 'WP_HOME', '' );
define( 'WP_SITEURL', '' );

3. Clear SQL injections

a) Run this SQL query ( make sure you backup first ):

 UPDATE wp_posts SET post_content = REGEXP_REPLACE(post_content, '<script(.*?)>((.|\n)*?)<\/script>', ''); 


b) Use Better search replace:
Search for:

 <script type=text/javascript src='hxxps://check.resolutiondestin[.]com/t.js'> 

And replace with nothing ( leave the field empty ).

Try our Free site check.