[WARNING] Wysija Newsletters Vulnerability

Discussion in 'Black Hat SEO' started by bluehatface, Jul 17, 2014.

  1. bluehatface

    bluehatface Regular Member

    Oct 19, 2013
    Hi Guys,

    I want to let you know that the Wysija Newsletter plugin for WordPress has been compromised.

    Completely remove this plugin ASAP!

    I've just had 3 sites hacked, and malicious code inserted into EVERY PHP file of that domain. I'm pretty sure that 1 of the sites didn't even have the plugin installed.

    It's not altered my databases, although the DB username and password are in wp_config.php, so it's possible that the DB could be dropped, and/or WP passwords extracted.

    My main money site was the root of the intrusion. This site had all the necessary security, yet was still compromised.

    If you use Wysija, then take action NOW! Back up all your files and databases to your local computer, export your Wysija subscribers, remove Wysija, and check for any malicious activity. I'm going through a proper bastard time sorting everything out, not to mention I'm losing $$$ while I'm pissing about sorting it out, and wouldn't want anyone else to have to go through this.

    A quick Google (http://www.viruss.eu/web-malware/re...wordpress-mailpoet-plugin-wysija-newsletters/) shows that any file can be uploaded or altered, so I'm pretty lucky it's just altered PHP files and not a full-on server takeover.

    Be safe.

  2. sashablack

    sashablack Elite Member

    Jan 8, 2010
    wow this sux, and I wanted to install it too :) thanks for the heads up!
