I am running a server on Ubuntu 10.04 running a word press website, and recently a virus scan revealed that I have several malicious scripts sitting in the word press folder. In particular they are in the cache and temp folder of a theme that I'm currently using.
I opened them with VIM and read through them, they are certainly bots and spamware, one of them is even called c99 injecktor. I am very interested in how these scripts can be injected into these folders, and what actions I should take upon discovering them. Should I simply delete them?
Also, is the injection caused by security flaw of word press, or should I be worry about anything else other than getting a more up-to-date version of word press in my new server?