Sorry for a late reply, but no there have been no reports of Thematic specifically being compromised. Which version of Thematic were you running?
A common scenario if a site is compromised is to use the file editor in the WordPress dashboard and inject code in a file the active theme or an active plugin. My suspicion is that this is what has happened to you. If they insert a payload in one of the theme files, then that is why that theme file would appear in your logs.
It doesn’t even have to be an active plugin. I have seen the hello dolly plugin used in this way.
Viewing 2 posts - 1 through 2 (of 2 total)
The topic ‘Thematic vulnerability?’ is closed to new replies.