Joost de Valk posted some scary stuff over on his Yoast blog this weekend.
In short, an SEO plugin used on WordPress was not really an SEO plugin. It was pure spam and malware. Bloggers who installed it virtually handed over their sites to this plugin and it resulted in a huge mess for them and the internet.
Joost de Valk reviews plugins for WordPress, but when he saw "BlogPress SEO" he was a bit suspicious. The plugin basically was a mass link exchange or link buying system for WordPress blogs. But it gets worse.
The plugin also hides links on your site plus it sends your information over to the creator of the plugin. Then they can login to your WordPress site and install anything they wish, beyond just links.
Moral of the story - be careful what you install on your WordPress install and on your servers. This is why I am personally not into going with platforms like WordPress. There are huge benefits but there are so many people I know that would install things without understanding the ramifications.
Forum discussion at Sphinn.