I was running two wordpress installations until yesterday: http://www.cridon.de, http://www.staeudtner.de under one account with two subfolders. The account was taken over and used for spamming. The admin console was broken and I recognized the mess when I found out that my RSS feds were gone. I need to set up from scratch.
I looks like the infection came through the ngg gallery plugin: http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=wordpress&filter_author=&filter_platform=0&filter_type=0&filter_port=&filter_osvdb=&filter_cve=
Does anybody know something about this issue? Is ngg gallery trustworthy or should I remove the plugin?