| 5:45 pm on Jan 20, 2009 (gmt 0)|
Before you start giving random people your FTP and Wordpress login, why don't you reinstall wordpress?
| 5:55 pm on Jan 20, 2009 (gmt 0)|
-checked all plugins for malicious code, and deactivated them
-checked .htaccess in root + subfolders
-installed a fresh copy of WP 2.7.
-checked database for noscript, display,...
| 5:59 pm on Jan 20, 2009 (gmt 0)|
It is using an iframe because it retains the correct wp-admin settings url in the nav bar at top but frames the site it send you to.
| 11:57 pm on Jan 20, 2009 (gmt 0)|
Let me ask the obvious question. Are you sure what you are clicking is really the settings? I only ask because I have seen links in plugins that are really promotions for other websites and not settings.
Did you download this plugin from somewhere other than the wordpress website? I have heard of themes being hacked and hosted for download on other websites but perhaps it happens with plugins too. Always download themes and plugins from the wordpress website.
Next I would deactivate and delete all the plugins. You can delete them in example.com/wp-content/plugins, test and see if your problem is gone.
If it is then download what you need from wordpress website and try reinstalling and activating one by one and testing.
Hope some of that helps. Let us know
| 12:11 am on Jan 21, 2009 (gmt 0)|
That raises the question too of whether or not you've cleaned out your themes directory. You said you downloaded new versions of WP, but did you get rid of any non-default theme?
Obviously, you want to get your old theme back, but just as a troubleshooting exercise it might be worth it.
| 12:29 am on Jan 21, 2009 (gmt 0)|
Yes, I am absolutely clicking on the settings - very familiar with Wordpress - use it on many sites.
ergophobe - are you saying I should delete all themes except my theme I want to keep?
| 2:36 am on Jan 21, 2009 (gmt 0)|
I'm saying put your site in maintenance mode and delete (or rather move to a directory outside your WP install) all themes and try it with a fresh upload of the default theme.
Honestly, I have no idea if this will work, but it will remove one source from consideration.
That said, personally what I would probably do first is look at the html source and try to find some unique code from the offending page and grep the whole WP install for it and see if that turned up anything and I would do the same with a dump of the MySQL file.
| 2:43 am on Jan 21, 2009 (gmt 0)|
So, sorry for my disorganization. In order, I would do this:
2. grep through all files for some unique text (the domain name or iframe tag or something).
3. do a DB dump and grep through that for the string.
4. move all themes outside WP install and try a known good theme.
5. Come back here for a shoulder to cry on.
Best of luck!