I’ve been seeing a lot of these over the past week. Never before. I wonder if it’s some exploit that can only be used of a bad plugin is installed or something. So far on the 5 sites I manage I haven’t seen any sign of anything being exploited. I’ve been keeping an eye on file modification dates and database changes.
From my understanding, Nothing should ever post directly to wp-settings.php or wp-load.php so I would think something in the .htaccess to block direct posting to those files should work.
