spam hijack in blog WTF

OK I fixed that but how can anyone get in and edit my header.php file?

Are you sure they did it by editing your header.php file? Most of those problems are injections via xmlrpc.php

also you might want to upgrade to maybe 2.5.1 – your current version 2.0.2, a little out of date perhaps?

<meta name=”generator” content=”WordPress 2.0.2″ />

I’ve recently read about this type of thing happening. It seems they exploit something with the theme editor to edit theme files from what I recall.

thanks for the quick responses

1 I know I should upgrade but given some horror stories posted elsewhere I’ve been too scared to do that just yet – is 2.5.1 a preferable upgrade to 2.6?

2 the code I deleted to clean up was actually in my header.php file, when I looked at it via the edit function within wordpress admin… now maybe it got there from some injection mechanism – where to look for that b@~#ard?!

1. Make sure your template files are on lockdown. This will require an external editor to to edit the files then and you won’t be able to use the theme editor

2. Consider getting rid of the theme editor php file in the admin area.

Here’s a link to a Google search. Didn’t have an opportunity to peruse all the sites but you might be able to find some additional ideas/help in some of the links: Google Search

The most likely reason that you were hacked is because of running the older code base. Exploits similar to what you describe are fairly well-known, and will most likley continue until you clean your site in an upgrade.