dear clayton james, please, don’t think i’m not that noob ?? !
– shared server is not compromised
– other sites on the shared server can surely be compromised, but it is not possible that someone writes only a file in -that- wordpress folder, without writing something elsewhere.
– my ftp account is ok without doubt.
– i think there is such a plugin vulnerability, this is the reason why i listed plugins installed.
– template is written by me. it does not contain exploit code, at least not before i have gone completely rotten. i know very well those encoded blocks.
i have checked all the variables possible, be sure.
as i don’t write a request like that in a forum, if i can solve it by myself. i wrote because, after one day of proofing logs and every line of code, i’m still clueless.
m