My blog was hacked this morning. I came in to work, looked at my web site and all that was displayed was a message from the hacker:
Hacked by VexD
I looked at my stats and discovered someone googled “wordpress forum plugin by fredrik fahlstad. version: 1.7.4″ and the person spent 22 minutes on my web site. Now we know why. I have the wordpress forum widget activated and after spending some time googling, I found out that the forum script has a vulnerability which allows a remote sql injection exploit. The hacker changed my admin password and wiped out my index.php. Thankfully the database was still intact. I replaced the index.php from another wordpress installation and changed my admin password before I could log in.
Here is a link showing how the hacker executed the remote sql injection.
I have deactivated the wordpress forum until I am sure that there is a fix for the vulnerability. Anyone else who has experienced similar type of hack, please let me know by leaving a comment.
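Two checks that follow from this incident, as an added example (not code from the original post or from WordPress): the first scans web-server access-log lines for search-engine referers whose query names a plugin version, which is the kind of reconnaissance the stats revealed here; the second compares a known-good WordPress tree against the live one by file hash, so a wiped or replaced index.php is flagged rather than found by eye. The log lines, IP addresses and file contents are constructed for the demo, and the reference copy is assumed to be a trusted, untouched installation.

```python
import hashlib
import os
import re
import tempfile
from urllib.parse import parse_qs, urlparse

# Constructed Apache combined-format lines; hosts and timestamps are hypothetical.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Mar/2009:08:12:01 +0000] "GET /forum/ HTTP/1.1" 200 5123 '
    '"http://www.google.com/search?q=wordpress+forum+plugin+by+fredrik+fahlstad.+version:+1.7.4" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Mar/2009:08:13:40 +0000] "GET /about/ HTTP/1.1" 200 2211 '
    '"http://www.google.com/search?q=chocolate+cake+recipe" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Mar/2009:08:15:02 +0000] "GET /index.php HTTP/1.1" 200 911 "-" "Mozilla/5.0"',
]

# Apache "combined" log format: ip ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<req>[^"]*)" \d+ \S+ "(?P<ref>[^"]*)" "[^"]*"$'
)

# A search query that pins a component to a version number, e.g. "version: 1.7.4".
VERSION_PROBE = re.compile(r'version[:\s]+\d+(\.\d+)+', re.I)


def search_query_from_referer(ref):
    """Return the 'q' parameter of a search-engine referer URL, or None."""
    if not ref or ref == "-":
        return None
    q = parse_qs(urlparse(ref).query).get("q")
    return q[0] if q else None


def find_version_probes(lines):
    """Return (ip, query) for each request whose referer search query names a version."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        query = search_query_from_referer(m.group("ref"))
        if query and VERSION_PROBE.search(query):
            hits.append((m.group("ip"), query))
    return hits


def sha256_of(path):
    """Hash a file in chunks so large uploads do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def compare_trees(reference, suspect):
    """Map relative paths from the trusted tree to 'missing' or 'modified' in the suspect tree."""
    changed = {}
    for root, _dirs, files in os.walk(reference):
        for name in files:
            ref_path = os.path.join(root, name)
            rel = os.path.relpath(ref_path, reference)
            sus_path = os.path.join(suspect, rel)
            if not os.path.exists(sus_path):
                changed[rel] = "missing"
            elif sha256_of(ref_path) != sha256_of(sus_path):
                changed[rel] = "modified"
    return changed


def demo_compare():
    """Build two small constructed trees and flag the defaced index.php."""
    with tempfile.TemporaryDirectory() as ref, tempfile.TemporaryDirectory() as sus:
        for d in (ref, sus):
            with open(os.path.join(d, "wp-config.php"), "w") as f:
                f.write("<?php // unchanged config\n")
        with open(os.path.join(ref, "index.php"), "w") as f:
            f.write("<?php require './wp-blog-header.php';\n")
        with open(os.path.join(sus, "index.php"), "w") as f:
            f.write("Hacked by VexD\n")  # constructed defacement, mirrors the post
        return compare_trees(ref, sus)


if __name__ == "__main__":
    for ip, query in find_version_probes(SAMPLE_LOG):
        print("version probe from", ip, "->", query)
    print("changed files:", demo_compare())
```

On a real server you would feed `find_version_probes` the access log rather than the constructed lines, and point `compare_trees` at a freshly downloaded copy of the same WordPress release; files that only exist in the live tree (uploads, added plugins) are not reported by this check and need a separate review.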