I’d seen a few things in the Support Forums which suggested that there was an active exploit of previous releases of WordPress. This has now been confirmed by Donncha O Caoimh:
There’s never been a better time to upgrade WordPress – Holy Shmoly!
So if you’re running anything earlier than 2.3.3 (which I mentioned last month), you really need to upgrade. Now. Donncha’s post even tells you how to find out if your site has been hit, so get to it!
