Just got an email about this, from a reliable source: A security exploit was recently discovered in the WP Super Cache and W3 Total Cache plugins. If you've not done so already, you should take immediate action to upgrade those plugins to prevent any damage to your site(s). If you need upgrade guidance, see: http://wordpress.org/extend/plugins/w3-total-cache/ http://wordpress.org/extend/plugins/wp-super-cache/ "The exploit was posted by a user on the WordPress forums. The plugin authors have now updated their code to fix this issue. "The security hole allows an attacker to post PHP code embedded in comments and that code will be executed by your server. This effectively gives them unlimited access to all parts of your site and database.