Not sure where the vulnerability is, I called my host 1and1, but no help. Google emailed me today on several sites containing malware. When I view source I can see injected code, but I dont know where to look to fix it. I'm stressing, help anyone?
I didn't see any similarity between the sites, as far as plugins/themes etc, there all different. and I changed my ftp pass last week, and my Database pass yesterday and this happened this morning. UUuuggh.
Here is one of the injected sites.