WordPress.org

Ready to get started?Download WordPress

Forums

Possibly fake admin users, all with user ID 0 (4 posts)

  1. mcdworkshop
    Member
    Posted 3 years ago #

    On at least two of my WordPress installs (haven't checked others yet) the count of users is off. For example, one blog says there are three admin level users, but lists only one, the legitimate admin, me.

    I have been reading about fake admin users that are hidden and can hold malicious code. But I checked my database and the only user was me, the correct admin.

    According to the Exploit Scanner plugin, the two extra admins have blank usernames and both have user_ID 0. Is this something to be concerned about?

    Incidentally, the user count for other levels is also off. I had a bunch of subscribers, then decided to erase them all, but the count of subscribers on the user page still shows a count of 117, but then displays none below, and says no matching users were found.

  2. Mark / t31os
    Moderator
    Posted 3 years ago #

    Usually odd counts are the results of deleting users directly in the database, and not from the admin interface, the problem is that user meta is left over, and the functions responsible for counting users looking at users in the meta table.

    Did you remove users by deleting records from the database directly? (Or if not, have a plugin that removes users?)

  3. mcdworkshop
    Member
    Posted 3 years ago #

    Thank you Mark, that is exactly what happened. I had erased users directly from the database because I was in there already having a panic attack searching for bad code after reading some articles. Sometimes I don't know who destroys my websites more effectively, hacker types or me over-reacting and erasing all my users and chunks of websites...

  4. Mark / t31os
    Moderator
    Posted 3 years ago #

    I provided a query in this thread for finding redundant user entries.
    http://wordpress.org/support/topic/user-in-db-and-user-in-interface-number-variance

    The number of results you get back from that query should be the amount your count(s) are off by(if i'm right).

    TIP: When removing users in future, remember to remove the corresponding meta entries for the users you're removing, entries are related by ID(users table) <-> user_id(usermeta table).

Topic Closed

This topic has been closed to new replies.

About this Topic