I've got a blog running wordpress 2.3.3 (upgraded a few days ago).
Over the last week or so, i've being suffering repeated sql injection attacks that dump a few hundred hidden (incredibly) dodgy html links in all my posts.
I'm not sure how they're doing this, (or how I can stop them doing it).
It's a hosted environment (railsplayground.net), that I'm 99% certain hasn't been compromised, so I'm (guessing) it's sql injection.
- reset all my passwords (both to shell and to blog)
- deleted xmlrc.php
- upgraded to wordpress 2.3.3
- disabled comments and registration.
- checked that I am the one and only record in wp_users table.
I've removed the links about 4 or 5 times but they keep getting re-inserted so apparently all that I've done is not enough.
The only thing I've found somewhat effective is to restore the wp_posts table from backup every 5 minutes (via cronjob), but that's obviously not a viable long term solution.
Any one got any idea's what else I could do to stop this?