Greetings folks -
Can anyone explain how content spam gets added to WP template sites?
I’m not talking about comment spam. I’m talking about the navigation getting taken over by spam links or actual content on the page getting injected with craptastic promotional ads completely unrelated to the site.
I’m asking because I had a strange thing happen when I clicked on a deep link to my site recently. The page had on it embedded links for services all over the globe. In this particular instance it said, “How to buy lasics online” and it listed a bunch of places within my site header and in the main nav from all over the world like Dubai, Candada, etc… It was essentially hijacking my page and loading a bunch of spam/phishing links on there. I don’t know where it came from and unfortunately didn’t grab a screenshot, but as soon as I logged into the admin panel, the links disappeared and the page looked normal.
What the heck was going on there? Does anyone have experience with what this might be?
Has this theme been compromised? Or, perhaps it’s my login credentials, except the page looks fine in admin view…
It’d be terrifying if these parasites where somehow able to mask from me that they where using my site as a zombie bee 
making me think things were fine, because I’m no longer seeing anything when I’m log in as an admin. I’ve verified on 2 other machines that it’s not permanently on the site and the page in WP looks fine, but I’m shaken by this experience.
If you know how and why this is happening so that I can put a permanent end to it, please advise.
FYI, years ago on a different machine I identified a melicious browser plugin that injected links into WP content when an author was editing that would only appear on the website after it was published. The solution then was to turn off all browser plugins when I edited content. Wonder if this is the same thing. I’ll investigate further.
Thanks in advance,
Anthony
