hope, I'm in the right sub-forum. I have searched the site and also the internet without success - hope, I will got a hint here.
I'm running WordPress 3.5.1 with default theme "WordPress Default"
A few days ago I installed a plug-in Snitch, written from Sergej Müller. Snitch records outgoing links and is also able to block unwanted links.
Now I find a lot blocked communication entries from core module
/wp-includes/class-wp-xmlrpc-server.php (line 5383)
to URLs like luisvouittonbags.com, driverregistration.com, yoursexdrive.com and so on. All thouse URLs are not from my blog.
First my impression was, that the blog may be hacked - but I checked my blog and also the themes with different plug-ins and externals tools - without any result.
I've deactivated all plug-ins, to isolation the source of my problem - but the entries are still recorded.
Then I have reinstallaed WordPress 3.5.1 twice, to be sure, that the php code is intact. I also inspected class-wp-amlrpc-serve.php without success.
Now I'm out of ideas what goes on. Therefore some questions:
- any idea what the intention of the outgoing links mentioned above?
My impression: could it be, that WP installations will be misused as a spam link seeder?
- is it possible, that XMLRPC interface is called from the web?
- what can I do to catch the cause of this issue?