About for times now, my WordPress blog has been 'hacked'. I believe this is what has been happening: my index.php page has been renamed to index.phpa, and then a new index.php has been created that only contains the line, "This site was hacked by PoH".
Obviously, it's easy to get things back to normal, but it's really starting to piss me off. I have made sure that I upgrade to WordPress 2.02, I've changed my WordPress admin password as well as the password at my host (Bluehost), but it sitll happened again today.
Nothing else was touched, just the Index.php page.
Does anyone have any ideas how they might have done that? Is there an exploit in WordPress somewhere?