Starting last Sunday night, many WordPress site owners were unpleasantly surprised to see.
As reported by sucuri.net
There seems to be correlations between WordPress sites and plug-ins that have not been updated.
WordPress sites that have been maintained, along with their plug-ins have not been affected.
If you have been affected there is a fix the files that were affected must be replaced.
These files contain malicious coding.
You should then update all plug-ins and ensure your WordPress is running the latest version which is currently 4.01
If you are unsure of how to do this have a professional do it for you.
WordPress maintenance program We provide this service also additional security installations to prevent or stop them. Hope this helps..
PS. you can run your entire site through a security check for free here http://sitecheck.sucuri.net/