Today I checked my wordpress site and got some phone calls of customers. Virus scanner blocked the sites of my customers. It is named: JS:Iframe-UZ [Trj]
So I checked - and I found this in the header.php of my themes.
[Code moderated. Please do not post hack code blocks in the forums.]
I can't find any news or info about this exploit on google or wordpress news sites. But I got this hack/exploit on my wordpress installs with the latest wordpress version and updated plugins. And total secure chmod and all the security measurements and so on.
I use different themes and 5/10 got the exploit/hack in the header on different servers. So I want to warn people please check your wordpress theme.