Google flagged a wp-admin redirect as phishing

I woke up this morning to find my website flagged by google, the standard "deceptive site ahead" appears when visiting it. The website is in active development and is usually hidden under the "under construction" screen, but I guess google had enough time to crawl it when I turned it off.

In my webmaster tools google reported deceptive pages with the following sample URL:

http://example.com/wp-login.php?redirect_to=http://example.com/wp-admin/plugins.php=1

This is the only sample page that was reported. Is this not the standard redirection for admin log in? Why would something like this get flagged?

Topic wp-admin customization Wordpress google

Category Web

1
answered at

Did you end up figuring out the cause of this? I'm getting the same problem. WordFence isn't detecting any changed files. I've been trying to correct it for a couple days now.

There wp-login.php is very simple. No scripts loading there that shouldn't be there. I wonder if Google's systems view the wp_attempt_focus() function on that page as malicious?

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.