wp_foots() Compromised WordPress and Drupal sites
I’m seeing a few WordPress and Drupal sites with template files being compromised, and a call to a PHP method wp_foots being added
<?php wp_foots();?>
This PHP call injects malicious Javascript code that typically writes spam links to the footer.
It is safe to delete the wp_foots() call. However, this call is part of a bigger compromise, and other PHP files within the website have almost certainly been injected as well.
You should look out for calls to eval(base64_decode(
and delete/fix those files.