“Hacked by Imam with Love”
Well, that was all the impetus I needed to get my upgrades in order and update to https.
Editing to add more info.
So, it looks like I’ve been getting hacked about once a day for the last two weeks, but the only damage is that my last post got replaced with bragging rights about the hack, and then they spent the last two weeks fighting over who gets to display the bragging rights.
The exploited vulnerability is this one: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
So my user accounts weren’t compromised, and my password is secure, but WP once again introduced the sort of hack that let you do just about anything without even logging in. If I’d been on the ball about getting my updates sorted, it wouldn’t have happened, but I’ve been busy and can’t use the auto-updater any more so I’d been putting it off because manual updates are a pain in the ass.
Far as I can tell, they only edited the one post and I’ve reverted the content on that. Doesn’t seem to be any more damage.
ETA (2018-03-22): found a second post, still haven’t found much damage…