As I had advised, the account was attempting to send out spam emails. It's unclear how the exact compromise happened however, which is why I recommended uninstalling the software and reinstalling it from fresh vendor-supplied files, along with updating all of your passwords.
Wordpress is known for having exploits - it's one of the most popular CMS' out there, which also means it's one of the most high-profile target for the so-called drive-by hackers who run scripts to scan for an exploit on an old version of the software, and use it. The Wordpress Codex also has an article entitled "Hardening Wordpress" that I would recommend reading and following; it's not a guaranteed way to stop exploits, but it can help protect against them.
