Auto Generated Emails and New User Registrations

I recently took on a new client. One of their past issues which we are trying to fix is that he is getting New User notifications regularly from people in his organization however he is not sending them out.

Somehow emails are automatically being generated to individuals who are not current users but have emails with the client (ie. sample@samplesite.com). The emails are coming from adminuser@samplesite.com. They receive the following email:

Subject: [samplesite.com] Activate cameron
To: cameron@samplesite.com

Hi,

You've been invited to join 'The Sample Site' at

http://samplesite.com with the role of Author.

If you do not want to join this site please ignore

this email. This invitation will expire in a few days.

Please click the following link to activate your user account:

http://samplesite.com/wp-activate.php?key=6d198de751a25dba

When I clicked the link it automatically created the user with an automated message saying that login and password info was sent to their email.

I thought it might be a plugin but perhaps its a malicious script running? Not sure how they would even be able to send emails to people that are not in the WordPress database.

Thoughts?

Thanks!

  • Nithin

    Hi ticadmin,

    Hope you are doing good today. :slight_smile:

    Somehow emails are automatically being generated to individuals who are not current users but have emails with the client

    This is an odd behavior, as WordPress only sends emails to newly generated users, and none other users listed outside Users menu.

    It could either be a plugin conflict, you could try disabling all your plugin, and switch to a default theme, and then try to check whether you are able to replicate this issue. You could also turn debug mode on, to check whether you are able to log any errors related to this.

    I thought it might be a plugin but perhaps its a malicious script running?

    If this is the case, would recommend you to make use of Defender in order to detect whether there is any malicious script running. If yes, the plugin should show instructions to how to harden your website. You recommend you also check this link too: https://codex.wordpress.org/FAQ_My_site_was_hacked

    I hope this helps. Please let us know if you still need any further assistance. Have a nice day. :slight_smile:

    Best Regards,
    Nithin

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.