My wordpress is spammed with CPALEAD.COM surveys. HOW DO I GET RID OF IT?

the pages on my wordpress website are spammed with surveys. I have no idea where it came from or how to find the source or how to delete it. please help!! thanks!


The link to my page is

thanks again!! :)

3 Answers

  • 1 decade ago
    Favorite Answer

    Link to your page so we can see your sourcecode and one of us may be able to help.

    • Log in to reply to the answers
  • 1 decade ago

    Previous answers are not correct - the pop up survey box appeared for me on this page:

    Your source for this page shows the following javascript code

    <script type="text/javascript">var isloaded = false;</script><script type="text/javascript" src=" type="text/javascript">if (!isloaded) { window.location = ''; }</script><noscript><meta http-equiv="refresh" content="0;url=" /></noscript>

    As to where or how it has been injected into your code I'm not sure. If you did not install a plugin (there is one available for this affiliate program) you may have been hacked.

    You will need to go through all your template code and search for this code - just go to your wp-admin, and under appearance select editor - this will bring up all your theme files.

    Open each one (I'd start with the singlepost.php or similar as that's where I got the popup) and in your browser on the top menu bar click on "Edit/Find and type in - this should then highlight any code where the javascript above appears. Delete it and save your changes - be careful not to delete anything other than the offending code though - you might want to backup your blog before doing any of this if you are not comfortable editing code, just in case you break something. Alternatively, just copy each theme files content as you go and paste it into a notepad file - that way if you make a mistake you can just paste the original code back in. Go through each file and just make sure that none of them contain any reference to CPALead.

    Hopefully this will solve the problem.

    If you have been hacked you can report it to CPALead - looking at the above code, the affiliate ID appears to be "35491" - if that isn't you and you've never been an affiliate, that code will identify the offender to the program owners.

    See my resources for tips on how to make your Wordpress blogs more secure.

    Hope this helps



    Source(s): More on Wordpress security here:
    • Log in to reply to the answers
  • 1 decade ago

    There are no ads on your site, nor anything in the View Source code.

    Either your computer is infected with something or they aren't there anymore.

    • Log in to reply to the answers
Still have questions? Get answers by asking now.