It looks like our nonprofit site using Habitat was hacked... here's a screen shot:
We are restoring from backups now and rebuilding the lost work, but our hosting company claims there must be some vulnerability in the Habitat theme. They suggest we delete Habitat and use a different theme. I don't agree, but I'm not a hosting or security expert. Seems to me it could as easily be a plugin as the theme itself...
We've been buying and using Kriesi themes for a while now and have good confidence in them... has anyone else seen this particular hack exploit before and do you have any suggestions about how to defend against it?
We're using WP 3.0, and here are the plugins currently running:
Thanks everyone for any suggestions you might have!!!