i've got a WordPress installation on another hoster and the hoster informs me, the site got hacked. (everything is up to date) So i looked at the files and found a corrupted "gpzdecode.php" with an injected code in "wp-includes/SimplePie/". The code was probably uploaded though a security breach in the core plugin "SimplePie" (know issue but i've found no solution).
We don't use the Plugin but it's a core item and i don't know how to disable it. The FAQ, Support etc. from Wordpress and SimplePie doesn't seem helpful. If you find something, correct me :)
You know how to disable the core plugin (it's not shown in the "Plugin-Panel" and simply delete the SimplePie directory in wp-includes wont help me, i guess)
thanks in advance,
IT Meyer