Malicious hackers have found a way to hijack WordPress database credentials and use that information to redirect thousands of blogs to Web sites laden with malware. The attacks, which started last Friday, occurred mostly on WordPress blogs hosted by Network Solutions. Fully-patched WordPress blogs actually stores the database credentials in plain text, making it an easy target to hack. Network Solutions have since implemented a fix on their end but added a caveat: As part of the resolution, we have had to change database passwords for WordPress.
Source: https://threatpost.com/wordpress-hack-linked-database-password-hijack-041210/73813/