Hey there WPMU guys,
I'm having a hacked with my website affiliatemade.tv
I recently got about thirty to sixty signups in about 3 days (a huge spike from what's norm) and they seemed to be strange (spam) email addresses.
Now, I'm unable to login to my site, when I go to "/wp-login.php" it sends me to "/login" and gives me a 404 redirect when putting in my credentials or clicking the 'forgot password' link. I'm wondering if you know of any vulnerabilities inside of the membership plugin (and/or have seen anything like this before with membership sites).
I'm in no way blaming this plugin, I just don't even know where to go from here and would LOVE some help...this plugin is AWESOME!
I have upgraded wordpress (deleting all files and uploading the latest version's files) deleted all the plugins, expecting that someone may have put a script into one of those and those have not solved my problem. I don't have tim-thumb so I didn't get hacked that way, it looks like it was through my signup page on my membership site or something...
My database files are backed up and I'm fine doing a new wp install, except for the fact that if the hack (or whatever's redirecting me to "/login" and giving me the 404) has been written into a database file, it will go back to how it was upon restoration of my db.
If I don't restore my membership db files, my existing users will be erased.
If you have a suggestion for me, I'm all ears. I just wanted to avoid 10-20 hours of additional work if you can help me out.
Thanks so much!