I have a handful of sites running from a multiuser install of wordpress.
To set the picture, I'm a wordpress "user" so my knowledge of code is minimal to zero!
I think I've stumbled upon two hacks / viruses. I have some suspicious looking files with email addresses, adverts and hacking gloats in!
I've followed all the instructions and advice and have cleaned up my site to the best of my ability.
(I wish my filemonitor plus plugin worked - as I would have spotted these sooner. Seems to not like to run on just my install so I recommend using it!)
anyway - my question is...
Are any there any wordpress guru good guys out there that wish to examine the hack .php files I have? Are they useful for pluggin a security breach in wordpress?
I've taken many wordpess security measures (again to the best of my ability by following guides e.g. .htaccess - and installing plugins like login-lockdown, wordpress always latest version) and my sites were still compromised.
Makes me kinda worried about the future of wordpress if its going to become a spammers playground!