if thats on your blog, your site has been compromised.
he’s right about that.
if you do a search, its happened to plenty of other people. if i remember correctly, its actually inserted into a post or posts. So find the post its in, and remove it.
It might be in a plugin, it might be in a file.
You just have to find it.
After youve found it and removed it.. then you need to go through the normal procedure for having a site hacked.
change all your passwords.
check all your theme files to make sure they havent been altered physically. Make sure wp-config.php hasnt been modified by someone else. Look at your plugin files.
And I dont meanlook at them to see they are still on your site, I mean opening them with a plain text editor, and looking at them
and upgrade your WP install making sure that you replace ALL of the previous WP files with new ones.
That one thing above is the only reason you dont have to go through and look at ALL of your files. You only have to examine the ones that you are not replacing. Does that make sense?
Theres no magic pill. You dont need the geek squad, but you do need to do a little work. And if you arent willing, then you can shitcan the blog and start over, or pay someone someone else that has the patience to do the work for you.
Lots of us do this crap for money.
—
it might also be nice if you let your host know. The list I provided is not all inclusive. It never is. I expect that people can search.
In the future, the dashboard area inside your wp-administration area lets you know when a new version is available.
