It appears that this site has been targeted by a spammer attempting to perform their dubious tasks. As best I can tell this is due to a known Wordpress exploit that has been fixed in Wordpress 2.8.5.

I have updated the Wordpress installation to the latest version and cleared out all modified files. The good news is that all of the extension packages have not been affected by this issue.

Thanks to @passy for bring this issue to my attention.