a New and sustained cross scripting attack specifically targeted at content management plugins and other web applications (WordPress, phpmyadmin, phppgadmin, etc) is currently ongoing on the Internet.
The attacker botnet would establish a vulnerability and inject an iframe into the website. The iframe would contain browser exploit code, links, etc.
Compromised websites are advised to update their systems as vendors are repairing problems as they are reported and discovered.