Have people seen this? http://arstechnica.com/security/2014/07/wordpress-plugin-with-1-7-million-downloads-puts-sites-at-risk-of-takeover/ Could be an issue related to the recent rash of concerns in the forums about brute force attacks and xmlrpc. -songdogtech