How an intruder can upload files on a WordPress site?


I have installed a Demo WordPress on one of my websites and kept it idle. Today I received a warning email from the server that there is a suspicious file (.php) on that account.

When I logged into that account, I saw many new folders, files were created.
How this could be possible?
How can someone upload files, folders on our root folder without having our access?

But now I have deleted all those files from the root folder, trash folder, and temp folder. But I couldn’t find the trace on which the intruder entered into my WordPress.
I checked ftp logs, cPanel logs etc but no traces. Can someone help me to tackle this issue?
I want to prevent this activity in future.


I have few questions

This is poll only for you (@MyilRaj)

  • Was your WordPress updated in the real time?
  • Yes, WordPress, theme and plugins was updated.
  • No

0 voters

  • Do you use strong and unique password?
  • Strong and unique
  • Same password everywhere

0 voters

  • By chance, did you installed any abandoned plugin?
  • I don’t know
  • May be!

0 voters

  • Was there any nulled stuff?
  • Nope!
  • Yes

0 voters


I installed 2019 theme and optimized the site. That’s all.

Plugin Installed:
Yoast SEO
WP Optimize

I never choose Nulled Theme or Plugins.


I am interested in looking into this issue. Can you message me?


Already messaged u bro


Replied there. Please check.


Never use nulled or cracked themes & plugin
Otherwise you’re website may be hacked.
Because their coding is they are nulled.