I’ve been doing more analysis of my logs. I found a robot looking for a list of plugins. I can only assume that these plugins have or have had exploitable code. Probably the bugs have been fixed, but I would go through this list and be very careful about verifying this if you use one of these plugins.
I am adding these to my “Protection” plugin 404 module to mark the ip addresses as dangerous.
The robot searched for these files:
wp-content/plugins/auto-attachments/a-a.css
wp-content/plugins/category-grid-view-gallery/cat_grid.php
wp-content/plugins/cimy-user-extra-fields/README_OFFICIAL.txt
wp-content/plugins/ckeditor-for-wordpress/ckeditor.config.js
wp-content/plugins/contact-form-7/license.txt
wp-content/plugins/fcchat/default.png
wp-content/plugins/font-uploader/font-uploader-free.php
wp-content/plugins/front-end-upload/destination.php
wp-content/plugins/gallery-plugin/gallery-plugin.php
wp-content/plugins/mac-dock-gallery/bugslist.txt
wp-content/plugins/magic-fields/MF_Constant.php
wp-content/plugins/nextgen-gallery/changelog.txt
wp-content/plugins/nmedia-user-file-uploader/readme.txt
wp-content/plugins/resume-submissions-job-postings/installer.php
wp-content/plugins/user-avatar/readme.txt
wp-content/plugins/user-meta/readme.txt
wp-content/plugins/user-photo/admin.css
wp-content/plugins/wp-e-commerce/license.txt
wp-content/plugins/wp-filemanager/fm.php
wp-content/plugins/wp-homepage-slideshow/functions.php
wp-content/plugins/wp-image-news-slider/functions.php
wp-content/plugins/wp-property/action_hooks.php
wp-content/plugins/wpmarketplace/readme.txt
wp-content/plugins/wpstorecart/lgpl.txt
wp-content/plugins/zingiri-web-shop/admin.css