|
Yeah that injected script has been a problem with Wordpress in the past - but it's really because we're dumbasses and don't update and don't change passwords every now and then.
I don't know what your FTP client is Chezter but it probably uses a simple xml file to cache your log in to your server. Delete that cache or file or just blank the log-in fields out if you don't change your FTP password - it can be during uploads that the injector writes itself into your files/templates, or by accessing your wordpress templates as admin - and it propagates it to every page throughout your site.
To get rid of this one you're going to have to call your hosting tech support and tell them about the exploit. Before you call them, change your FTP password, change your Wordpress Password (change your admin username if you know how, "admin" default is just a security risk too), and let them know that you did.
And don't try to change anything (add a new post, FTP something to the server) until the tech department wipes it out.
When it happened to me I just called the hosting company and tech support had it taken out in a couple thousand pages in less than two minutes.
Oh, and update your version of wordpress.
__________________
YOU Are Industry News!
Press Releases: pr[at]payoutmag.com
Facebook: Payout Magazine! Facebook: MIKEB!
ICQ: 248843947
Skype: Mediaguy1
|