
[resolved] possible hack; need help upgrading (11 posts)

  1. zwave
    Member
    Posted 1 month ago #

    Hi,

    First of all - I use version 2.3.3. I know, I should have upgraded a million years ago, I'm a bad person and I should be ashamed.
    Besides that, after I read this article that talks about a warm that registers a user, then makes itself an admin - I checked my blog and saw that on the "write post" tab, in the "post author" dropdown, a user called KentWeiss72 was available, besides me. This was odd and I checked the "users" tab to see if I could delete it from there but I couldn't find it. So I assumed that I got hacked, just the way the article said.

    Now my question is: what can I do to clean my site?
    I have a main site that acts as an online shop and a WordPress blog associated with it. I don't know if the hacker messed up with my online shop or only with the blog.. I don't really know what's the extent of the damage because I don't know what to check... I'm kinda lost even if I'm "administrator". Usually, I go by intuition, more than solid knowledge. Let me tell you what I've done so far:

    1. I opened phpMyAdmin from cPanel and deleted suspect users, including KentWeiss72 which had admin rights, from the database: wp_users and wp_usermeta tables
    2. I started updating to 2.8.4. I followed the steps from this article and got to step 7.
    I stopped to ask somebody on these forums if I'm doing it right.

    Thank you!
    P.S. I remember a few months ago I had a problem with some alien code that got into all my index files and contained an <iframe> which did I don't know what, but Avira restricted access to my site. Back then I deleted the foreign code from all index files and it worked, but I didn't know what else to check..

  2. zwave
    Member
    Posted 1 month ago #

    And it's not warm, it's worm, sorry! :d Maybe a warm worm :)

  3. jonimueller
    Member
    Posted 1 month ago #

    That's just the procedure for upgrading WordPress. You have to proceed a bit differently if you've been hacked, especially with that latest added admin user hack. You'll need to clean your database. Read about that here:
    http://lorelle.wordpress.com/2009/09/04/old-wordpress-versions-under-attack/
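
Added example, not part of the original thread or of the linked article: read-only queries for phpMyAdmin that list administrator-level accounts straight from the tables named above, plus rows left dangling by manual deletes. It assumes the default `wp_` table prefix, which also prefixes the `wp_capabilities` and `wp_user_level` meta keys.

```sql
-- Assumption: default "wp_" prefix. If $table_prefix in wp-config.php differs,
-- change it in the table names AND in the meta_key values below.
-- All statements are SELECTs; nothing is modified.

-- 1. Accounts with administrator rights, whether or not the Users screen lists them.
--    The role is stored as a serialized PHP array in wp_capabilities; the legacy
--    numeric level (10 = administrator) is stored in wp_user_level.
SELECT u.ID,
       u.user_login,
       u.user_email,
       u.user_registered,
       m.meta_key,
       m.meta_value
FROM wp_users AS u
JOIN wp_usermeta AS m ON m.user_id = u.ID
WHERE (m.meta_key = 'wp_capabilities' AND m.meta_value LIKE '%administrator%')
   OR (m.meta_key = 'wp_user_level'   AND m.meta_value = '10')
ORDER BY u.user_registered;

-- 2. wp_usermeta rows whose user no longer exists in wp_users
--    (typical leftover after deleting a user row by hand).
SELECT m.umeta_id, m.user_id, m.meta_key, m.meta_value
FROM wp_usermeta AS m
LEFT JOIN wp_users AS u ON u.ID = m.user_id
WHERE u.ID IS NULL;

-- 3. The reverse case: wp_users rows with no capabilities entry at all.
SELECT u.ID, u.user_login, u.user_registered
FROM wp_users AS u
LEFT JOIN wp_usermeta AS m
       ON m.user_id = u.ID AND m.meta_key = 'wp_capabilities'
WHERE m.umeta_id IS NULL;

-- 4. Posts and pages attributed to a user ID that is no longer in wp_users.
SELECT p.ID, p.post_author, p.post_date, p.post_title
FROM wp_posts AS p
LEFT JOIN wp_users AS u ON u.ID = p.post_author
WHERE u.ID IS NULL;
```

Any login in the first result that you do not recognise, and any content returned by the fourth query, should be reviewed before the upgraded site goes back online.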

  4. zwave
    Member
    Posted 1 month ago #

    My .htaccess file looks like this:

    # BEGIN WordPress

    # END WordPress

    Is it normal?

  5. zwave
    Member
    Posted 1 month ago #

    After I studied several articles, I decided to go through with steps from here, as they seem more just..

  6. zwave
    Member
    Posted 1 month ago #

    If I delete .htaccess, it will create itself?

  7. iridiax
    Member
    Posted 1 month ago #

    If I delete .htaccess, it will create itself?

    Yes, it should when you set your pretty permalinks, but if it doesn't, see: http://codex.wordpress.org/Using_Permalinks#Creating_and_editing_.28.htaccess.29

  8. zwave
    Member
    Posted 1 month ago #

    And how exactly will you set the pretty permalinks? Sorry, but I'm too tired to read through the whole article. I already stayed up all night learning about this update and being careful not to mess something up..

  9. zwave
    Member
    Posted 1 month ago #

    I uploaded new version and database. I deleted everything, then modified wp-config.php introducing the 4 keys and copied uploads folder into wp-content. I also deleted the .htaccess file but that one wasn't present in the new files of 2.8.4 version

    Now I have one more question and I hit the sack!
    If I don't set my pretty permalinks, do I need .htaccess? If yes, can I use the old one - which as I stated above has only 2 lines.. or make a new one? ... Please respond so I can finally sleep..

  10. iridiax
    Member
    Posted 1 month ago #

    If I don't set my pretty permalinks, do I need .htaccess?

    No, you don't need one then.

  11. zwave
    Member
    Posted 1 month ago #

    Thanks
