[wp-hackers] Hacked blogs
mikeschinkel at newclarity.net
Thu Mar 26 16:22:49 GMT 2009
I too fixed a site that had this iframe problem, but it was a v2.6 site. I know this was asked implicitly but let me ask again explicitly; is there any chance that these hacked sites shared any of the same plugins? As Mark Jaquith tweeted about recently, plugin as a group are generally not written with good security practices in mind; maybe there's a huge security hole in a shared plugin?
Custom Wordpress Plugins
More information about the wp-hackers