just received report from myhosting n antifraude.net abt my site :
email content as below :
We run some checking and would like to update you on the reason of the injected script.
126.96.36.199 - - [21/Oct/2012:00:53:06 +0800] "GET //wp-content/themes/Webly/cache/s.php?x=img&img=ext_css HTTP/1.1" 200 570 "http://propertyagent.my//wp-content/themes/Webly/cache/s.php?x=ls&d=%2Fhome%2Fproperty%2Fdomains%2Fpropertyagent.my%2Fpublic_html%2Fwp-content%2Fplugins%2Fakismet&sort=0a" "Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1"
As you can see, akismet plugins were injected and make changes through the page:
s.php is the backdoor script that used by the attacker to upload the malicious script.
Its recommended to change your used theme on your page, as obviously there is vulnerables on the theme 'Webly' you using.