the day before yesterday i've toyed around with a few plugins that implement video playback, namely:
VideoJS - HTML5 Video Player for WordPress
JW Player for WordPress – Flash & HTML5 Video Player
One thing i can rule out is JW-Player, because i've installed it again after i quickly checked the code and it did NOT inject the code again. So ... would someone care to browse the other plugins code and check whether i've overlooked something?
Or once again - without a theme using timthumb (currently the only widely used exploit in the wild know to me ... right? I'm bad at these things...) ... What else could this have been? I've put the wordpress folder under close (tripwire) watch so that i'll immediately see when something happens again, but ... i thought that IF something was distributing this code the responsible person for the plugin registry ought to know... (big fat IF).
Anyways, thanks for reading my tl;dr textblocks ;P.
- Dario Ernst