Recently there was a big security issue of older versions of wordpress sites being hacked. Well this is because of the security flaws the older versions had. Unfortunately for those who did not upgrade to the newer versions, had to be the victims of this new Trojan.
The attack methodology is a hack which creates a new administrator account in your blog and hides it from your view using clever JavaScript.
The easiest way to stop this attack is to upgrade to the latest version of WordPress, but if you are already running an old build and want to see if your site has been already attacked…
Go to the control panel of your hosting control panel
Under the database category open “php my admin”.
and run the following query:
SELECT u.ID, u.user_login FROM wp_users u, wp_usermeta um WHERE u.ID = um.user_id AND um.meta_key = 'wp_capabilities' AND um.meta_value LIKE '%administrator%';
If you see any unidentifiable administrator accounts then, YES you site has been hacked. Otherwise if you can only see the admin accounts that YOU created then yeah your site is safe for the moment if you haven’t upgraded yet, so get the latest version of WordPress and upgrade now.
Source: Dougal Campbell’s Blog
