PHP code in functions.php of all wordpress websites on my shared hosting

Question

I have a shared hosting and some wordpress websites on that. Recently sometimes when I visit my websites, popup opens. So I opened template directory of one wordpress website in

Answer 1

Apparently your site has been compromised (hacked). You can contact your hosting provider, they probably (surely) will not help you. You can contact a web site security company, I use sucuri.net. If you want to clean it yourself, there are 2 options

• delete EVERYTHING and reinstall all the sites, including the database!
• if you cannot reinstall everything, you'll have to check script per script to find "weird" code and clean it. If you find a few keywords that repeat (for example the code9 that shows your code, you can look for this, but probably sometimes it's code9 and sometimes is a different name.
• update as much as you can, as plugins, template and of course your wordpress version.