[wp-trac] [WordPress Trac] #58771: Someone logged onto my WordPress Admin Site, changed the password, and created a User Registration

WordPress Trac noreply at wordpress.org
Mon Jul 10 16:16:34 UTC 2023 

#58771: Someone logged onto my WordPress Admin Site, changed the password, and
created a User Registration
--------------------------+-----------------------------
 Reporter:  peterg1206    |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  Security      |    Version:
 Severity:  normal        |   Keywords:
  Focuses:                |
--------------------------+-----------------------------
 I checked settings and the "Anyone can register" is unchecked.

 I was able to regenerate a password and delete the user registration.

 I received several emails over the weekend regarding this activity.  My
 password was 15 characters long, so I am not sure how anyone could have
 figured out my password.  I am concerned and wanted to let someone know of
 this security vulnerability.

 EMAIL 1: 7/8/2023 07:18 AM
 Howdy! Some plugins have automatically updated to their latest versions on
 your site at https://www.privotechnologies.com. No further action is
 needed on your part.

 These plugins are now up to date:
 - Protect Uploads (from version 0.3 to 0.4)

 If you experience any issues or need support, the volunteers in the
 WordPress.org support forums may be able to help.
 https://wordpress.org/support/forums/

 The WordPress Team

 EMAIL 2: 07/10/2023 12:20 AM
 New user registration on your site Privo Technologies, Inc.:

 Username: wadminw

 Email: wadminw at wordpress.com

 EMAIL 3: 07/10/2023 12/21 AM
 New user registration on your site Privo Technologies, Inc.:

 Username: wadminw

 Email: wadminw at wordpress.com

 EMAIL 4: 07/10/2023 5:46 AM
 Hi privomain,

 This notice confirms that your password was changed on Privo Technologies,
 Inc..

 If you did not change your password, please contact the Site Administrator
 at pgoldberg at privotechnologies.com

 This email has been sent to peter.goldberg at comcast.net

 Regards,
 All at Privo Technologies, Inc.
 https://www.privotechnologies.com

 EMAIL 5: 07/10/2023 5:47 AM
 New user registration on your site Privo Technologies, Inc.:

 Username: admmega123

 Email: admmega123 at outlook.com

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/58771>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list