My entire wordpress site was taken down a few moths ago via an XSS exploit that attacked a weakness in Schreikasten. I googled it at the time and evidence supported my theory. Sure enough deactivating this plugin allowed me to start to recover my site. Months later and after some updates to this plugin I stupidly reinstalled it. Within 24hrs I was taken by an XSS attack (or attempted attack). Somone posted random pictures in the chat box along with the tags...
Can you explain what's going on?
A search for alert('xss') brings up a number of discussions. I would have thought this would have been fixed by now.