JavaScript is nice when it isn't hacked {yuiblog.com}

What happens if JavaScript files on a website are hacked? The website still functions, but lacks the desired functionality, that’s what. Now, this isn’t the end of the world, but it does create a major headache for the site owner/tech guy. A current hacking trend is to add a line of code to every file in the site directory with a .js ending (index.php files are also a common target). This line of code, a script itself, will cause JavaScript functions like JQuery to no longer function. Many Wordpress functions will no longer work either. Not cool. The solution?

• Reinstall Wordpress (this could correspond with a needed upgrade anyway). No big deal, seeing as this takes a matter of seconds.
• Delete and reinstall all plug-ins that use JS or search each plug-in folder and manually edit the file to remove the malicious code. The latter option is useful if you have modified the plug-ins.
• Delete and reinstall your theme or find your theme folder and fix the JS files (and index.php) by hand. Again, the latter is more time consuming, but is usually quickest.
• Repeat the above steps for any other sites under your main account that may have been compromised.
• Change your Wordpress and host passwords just to be safe.