I was hacked this weekend and I think I know how they got in. It has something to do with the WP Photo album plugin. I have updated to a new version and I think it has stopped, but here is the link they were using:
http://www.markarcaro.com/?page_id=5&album=S@BUN&photo=-333333/**/union/**/select/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/from/**/wp_users/**WHERE%20admin%201=%201
It looks like that address makes a back door to my photo page.
The first hack they changed my index page to "hacked by ulath".
The second time they wiped out my CSS in the theme, and changed my password.
If anybody can give me more insight I would appreciate it.
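
A defensive check for requests like the one quoted in the post, as an added example that is not part of the original post: it scans access-log lines and flags query parameters that carry SQL keywords hidden behind `/**/` comments, or non-numeric values where an ID is expected. The combined log format, the sample lines, and the choice of `page_id` and `photo` as numeric parameters are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters assumed to hold numeric IDs in normal use (assumption based on
# the page_id=5 and photo=... values in the URL quoted in the post).
NUMERIC_PARAMS = {"page_id", "photo"}

# Client IP and request target from a combined-format access log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Inline SQL comments used in place of spaces, including an unterminated "/**".
COMMENT_RE = re.compile(r"/\*.*?\*/|/\*\*")
# SQL constructs looked for after comments are collapsed to spaces.
SQL_RE = re.compile(r"\b(union\s+select|select\s+.+\s+from|concat\s*\()", re.I)


def inspect_query(target):
    """Return (param, reason) findings for one request target."""
    findings = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        normalized = COMMENT_RE.sub(" ", value)  # value is already URL-decoded
        if SQL_RE.search(normalized):
            findings.append((name, "sql-keywords"))
        elif name in NUMERIC_PARAMS and not re.fullmatch(r"\d+", value):
            findings.append((name, "non-numeric-id"))
    return findings


def flag_requests(log_lines):
    """Return (client_ip, param, reason) for every suspicious request."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.match(line)
        if match:
            ip, target = match.groups()
            hits.extend((ip, p, reason) for p, reason in inspect_query(target))
    return hits


# Constructed sample log lines; IPs are documentation addresses and the second
# request target is the query string from the URL quoted in the post.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2000:10:00:00 +0000] "GET /?page_id=5&album=1&photo=12 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2000:10:05:00 +0000] "GET /?page_id=5&album=S@BUN&photo=-333333/**/union/**/select/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/from/**/wp_users/**WHERE%20admin%201=%201 HTTP/1.1" 200 6200',
    '203.0.113.7 - - [01/Jan/2000:10:06:00 +0000] "GET /?page_id=5&photo=abc HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print(hit)
```

Running the same function over the real access log for the days of the two defacements shows which client addresses sent such requests and when.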