Just a quick note…
If you’re managing WordPress installations, and haven’t heard about the recent WordPress hacks (http://wordpress.org/support/topic/307660) yet you probably just got back from holiday.
There’s plenty of advice on fixing a hacked installation if you follow some of the links in the above post, so I’m not going to recite that here.
However! While cleaning a WordPress installation that resides in a subdirectory of a modx cms I found that the modx index.php files were also infected. I searched for infected files using grep as follows:
grep -R 'function gpc_' *
If you’re on a shared hosting environment that doesn’t allow shell access: time to change your hosting provider. (mail me if you need recommendations)