I’m running two WordPress blogs, hosted on the same server, and both got infected with this, although at different files:
– <my theme>/footer.php at one blog. This was efficient, as any HTML file served by my WordPress installation called this malicious code ??
– wp-includes/js/jquery/jquery.js (same as Hirvine) at the other.
– Konstantin.
