Opened 22 months ago
Closed 5 months ago
#58771 closed defect (bug) (invalid)
Someone logged onto my WordPress Admin Site, changed the password, and created a User Registration
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Security | Keywords: | |
Focuses: | Cc: |
Description
I checked settings and the "Anyone can register" is unchecked.
I was able to regenerate a password and delete the user registration.
I received several emails over the weekend regarding this activity. My password was 15 characters long, so I am not sure how anyone could have figured out my password. I am concerned and wanted to let someone know of this security vulnerability.
EMAIL 1: 7/8/2023 07:18 AM
Howdy! Some plugins have automatically updated to their latest versions on your site at https://www.privotechnologies.com. No further action is needed on your part.
These plugins are now up to date:
- Protect Uploads (from version 0.3 to 0.4)
If you experience any issues or need support, the volunteers in the WordPress.org support forums may be able to help.
https://wordpress.org/support/forums/
The WordPress Team
EMAIL 2: 07/10/2023 12:20 AM
New user registration on your site Privo Technologies, Inc.:
Username: wadminw
Email: wadminw@…
EMAIL 3: 07/10/2023 12/21 AM
New user registration on your site Privo Technologies, Inc.:
Username: wadminw
Email: wadminw@…
EMAIL 4: 07/10/2023 5:46 AM
Hi privomain,
This notice confirms that your password was changed on Privo Technologies, Inc..
If you did not change your password, please contact the Site Administrator at pgoldberg@…
This email has been sent to peter.goldberg@…
Regards,
All at Privo Technologies, Inc.
https://www.privotechnologies.com
EMAIL 5: 07/10/2023 5:47 AM
New user registration on your site Privo Technologies, Inc.:
Username: admmega123
Email: admmega123@…
@peterg1206 So sorry that nobody ever got back to you on this.
For future reference, this is the best starting point for a hacked site: https://wordpress.org/documentation/article/faq-my-site-was-hacked/
Cheers!