My developer uploaded from wordpress bbpress shortcode plugin and it brought the whole website down and infected other wordpress website in my hosting. It was huge problem and we’re still sorting it out.
This is the email I received from my hosting provider right after attack. You can see malicious file below.
Do you have any comment on this?
Dear Lumir Schulz, This is an urgent message regarding your contract with 1&1 IONOS. A few minutes ago, our antivirus scanner detected that a malicious file was uploaded to your webspace. The file can be found in your webspace at the following location: ~/lumirschulz/wp-content/themes/generatepress/functions.php