A took over an infected WordPress site. I had Sucuri clean the malware. The hosting was a mess. There were three WordPress installs in this hosting account, but only one was the site. It took a while to figure which one was the live site.

While trying to update core I got the following.

The following article helped me shed some light on the situation.

http://stackoverflow.com/questions/640409/can-i-install-update-wordpress-plugins-without-providing-ftp-access

I was going to change the permission, but Sucuri wasn’t finished scrubbing the malware. If I can remember I will post my results.

I hope this helps someone else out there…