It would be convenient if wordpress plugin page has report button as some of the plugins were compromised. I just installed one plugin and after 5 minutes configuring it, my wordpress admin account was modified, but luckily i notice it and changed my admin account again via sql