A little freaked out right now for a site I haven’t updated in a long time TaiwanHipHop.com. I logged into it so I can update the plugins and what not and noticed under my “Who’s been online” plugin that some new Admin user from Poland was on my site
I am freaked out because he was listed as a “Admin” and his username is “AlexEditor” But here is where I am really confused, sign ups are NOT allowed on this site.
How did someone become an admin on my wordpress site if registration is disabled? How did he do this but more importantly what could he have done on my site?
It does not appear that he edited or added any posts or pages. Can some senior WordPress people that have experience with this, enlighten me? Thanks!
PS. Needless to say I changed that user’s password right away and I am now blocking Poland from accessing the site.