• Resolved boatwizard

    (@boatwizard)


    It appears that the functions of this plug-in have allowed for a hack to our server. See what happened at:

Viewing 3 replies - 1 through 3 (of 3 total)
  • That’s quite an inflammatory accusation. The code for this plugin is publicly available at https://svn.wp-plugins.org/make-tabbloid/trunk/ and you are the first of 677 downloads to make this claim.

    I would suggest that your server was compromised either before or after installing the plugin and any problems you are encountering are not related.

    If anyone can identify exactly how this plugin has compromised your site I welcome their feedback, but as far as I can see it is not technically possible.

    [I would also like to highlight that, as an advocate of open source technology, including being part of the team who won the Scottish Open Source Award 2008, I have nothing to gain by circulating malicious code]

    Thread Starter boatwizard

    (@boatwizard)

    It is a new server set-up for first time with WPMU and 5 plug-ins.
    It appears on your site that we are not the only ones. At the time the plug-in was installed, code was added to the sidebar which included an iframe. Within minutes the iframe appeared on other pages on the server. We believe it takes advantage of the PDF creation tool and in short the hackers are injecting JavaScript into the index, or default pages or other pages on the server.

    Going by your username and email address for the post on my site I would say that the issue is one and the same. (I would also argue that the fact that I choose to leave the post on my site is further evidence (via full disclosure) that my plug-in isn’t the problem.)

    iFrame hacks in WordPress are well documented (https://www.google.co.uk/search?q=wordpress+iframe+hack) and have existed long before my plug-in was published. You may wish to review your general security

  • The topic ‘[Plugin: Make Tabbloid] Enables hacking!’ is closed to new replies.