Premium WordPress Theme AVADA hacked and infected with malware


WordPress Theme Avada infected by malware?

Today I had another case where a client's WordPress site was hacked. The hoster sent a list of files that contain malicious code. Noticeable here: All bad files are in the directory of the [Wordpress Theme-> wordpress-themes] "Avada":

  • /wp-content/themes/Avada/framework/plugins/LayerSlider/layerslider.php
  • /wp-content/themes/Avada/wp-conf.php
  • /wp-content/themes/Avada/atom-conf.php
  • /wp-content/themes/Avada/.cached
  • /wp-content/themes/Avada/

I am particularly concerned about the file "", because it is a Unix library that obviously aims to hack something using [Bruteforce-Attacke-> bruteforce]. It may be that other servers are also to be attacked, but I couldn't get more details from the file.

A look at the styles.css in the Avada directory tells me that it is version 3.1.1 of the WordPress theme. We will now import the current theme version again, but I think that version 3.1.1 has a security hole somewhere, because it is remarkable that the malware is concentrated on the Avada directory.

But I am happy to pass on the development in this case. We are currently waiting for the hosting to be reactivated by Host-Europe. There domains with malicious code are immediately blocked and you have to remove the malware and write to support before the hosting is reactivated.


Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership or at Patreon would support.

Leave a Comment

Your e-mail address will not be published.