I'm being hacked!!!

Discussion in 'Site & Server Administration' started by smackthat, Apr 14, 2008.

  1. #1
    Dear all,

    I just so happened to log on to my blog (self-hosted blog using WordPress) today, and I noticed there's a long list of HTML codes linking to adult, viagra websites etc. in my footer php. I never inserted those.

    I immediately removed those, but 10 mins later, new HTML codes popped up. Again I deleted them, again and again. I've deleted them 19 times in the last 7 hours.

    Can you guys tell me what's wrong with it? Is there a bug or something in my blog? Or simply someone's hacking my blog??

    Please tell me..... I'm frustrated... and I'm sleepy, I can't monitor it 24/7

    Please help, your expertise is very much appreciated...

    Example of the codes: (just 0.001% of it)
    <!-- ~ --><u style="display:none"><a href="hxxp://brainoff*com/weblog/index.php?p=01741">difference between xanax and klonopin</a> <a href="hxxp://brainoff*com/weblog/index.php?p=03156">hypothyroid and ativan interaction</a> <a href="hxxp://brainoff*com/weblog/index.php?p=058">patent how long viagra</a>

    I've replaced tt with xx, and . with *
     
    smackthat, Apr 14, 2008
  2. djacobs

    djacobs Well-Known Member

    #2
    Looks like an XSS injection. Are you running the latest version of WordPress?
     
    djacobs, Apr 14, 2008
  3. smackthat

    smackthat Peon

    #3
    I'm using wp 2.1, any idea how to get this sorted out?
     
    smackthat, Apr 16, 2008
  4. djacobs

    djacobs Well-Known Member

    #4
    Upgrade to the latest stable version. 2.5
     
    djacobs, Apr 16, 2008
  5. _RaZoR_

    _RaZoR_ Peon

    #5
    Always best to keep updated with the latest versions no matter what it is you're using in my opinion (I'm saying that a lot nowadays lol).
     
    _RaZoR_, Apr 16, 2008
  6. zidane-1986

    zidane-1986 Banned

    #6
    Also check the security setting (using .htaccess...)
     
    zidane-1986, Apr 16, 2008
  7. inworx

    inworx Peon

    #7
    Versions prior to 2.3 had a major security issue. You should consider getting latest version for stability, and of course, better security.
     
    inworx, Apr 19, 2008
  8. sydneyaus

    sydneyaus Active Member

    #8
    Remove the crap, before the search engines punish you, and upgrade to the latest version of WP.
     
    sydneyaus, Apr 19, 2008
  9. smackthat

    smackthat Peon

    #9
    Dear all,

    Thanks for your good opinion, I've done the upgrading, and everything looks perfect, not seeing the code anymore.

    Thanks again! Cheers
     
    smackthat, Apr 20, 2008
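
A check for the kind of hidden-link block quoted in post #1, added here as an example (it is not code from any poster in this thread or from WordPress): it parses theme templates and reports external links nested inside elements hidden with inline CSS, so a re-injection can be spotted without watching the file by hand. The function names, the `own_host` parameter and the sample markup are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from pathlib import Path
from urllib.parse import urlparse

HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)
VOID = {"br", "hr", "img", "input", "link", "meta"}  # tags that never get a closing tag

class HiddenLinkFinder(HTMLParser):
    """Collect hrefs of <a> tags that sit inside an inline-hidden element."""
    def __init__(self):
        super().__init__()
        self.stack = []         # (tag, hidden?) for every element still open
        self.hidden_links = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        hidden = bool(HIDDEN.search(attrs.get("style") or ""))
        if tag == "a" and attrs.get("href") and (hidden or any(h for _, h in self.stack)):
            self.hidden_links.append(attrs["href"])
        if tag not in VOID:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Close back to the matching open tag, so an unclosed hidden wrapper
        # stays "open" until its parent element is closed.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def scan_template(source, own_host):
    """Return hidden hrefs in one template that point to a host other than own_host."""
    finder = HiddenLinkFinder()
    finder.feed(re.sub(r"<\?.*?\?>", "", source, flags=re.S))  # drop PHP blocks first
    finder.close()
    return [h for h in finder.hidden_links if urlparse(h).hostname not in (None, own_host)]

def scan_theme(theme_dir, own_host):
    """Map each .php file under theme_dir to its hidden external links (if any)."""
    hits = {}
    for path in Path(theme_dir).rglob("*.php"):
        links = scan_template(path.read_text(errors="replace"), own_host)
        if links:
            hits[str(path)] = links
    return hits

# Constructed sample: footer with an injected, unclosed hidden block like the one in post #1.
INFECTED = """<div id="footer"><p><a href="http://blog.example.org/about">About</a></p>
<?php wp_footer(); ?>
<!-- ~ --><u style="display:none"><a href="http://spam.example.net/?p=1">pills</a>
<a href="http://spam.example.net/?p=2">more pills</a>
</div>"""
```

Inline styles are only one way to hide markup; a block hidden through a CSS class, or injected from the database rather than a theme file, is outside what this check sees.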