So, my website (tibonihoo.net) has been recently hacked... No apparent effect but a bunch of undercover redirections and a load of php one-liners to "do stuff" with cookies.
The bright side of things:
- it's a good incentive to think a bit more about the security of my website and its data
- it's a good reminder to suscribe to the right rss feed for zenphoto (the former has suddently changed, without me paying attention)
- it's a good criteria to clean-up useless plugins (goodbye wp-security-scan that brillantly failed to detect anything)
- it's a good time to thank Dreamhost's team that answered my question pretty quickly
- it's the perfect occasion for you, dear visitors, to clean up your browser's cookies (because the aim of the exploit is not clear, but visitor's cookies clearly seemed to be involved).