security

Hi,

I have several sites running using themes I purchased from a high-end template site. The sites are related and there is a link to the other sites on each site. The templates are from the same template company but made by different authors.

I use WordPress file monitor and recently I’ve been getting emails like the following:

Changed:
wp-includes/js/l10n.js
wp-includes/js/jquery/jquery.js
wp-content/themes/stereoline/js/jquery-1.4.1.min.js

The email has a link to the site and when I click on it I am taken to the site and then, after a short wait, redirected to some “celebrity gossip” site or similar. But if I try to go to the site itself again, I am no longer redirected. (The file monitor alert exists inside the back end of wp as well so it is not a fake email.)

This has been happening to one site and then another. I contacted my hosting company and they cannot detect any malware on my sites and assure me that their servers are secure.

I contacted the template companies and they tell me there are no “holes” in their templates. And as far as wordpress, I am using the latest version.

Not sure what to think anymore and how they are getting access to make these changes. I use fairly strong passwords and have removed all ftp access to the server.