I have the following issue:
Somebody or a hack is adding a subscriber role by itself into my admin panel and I don't know how he does that. He is not subscribing for the article updates but as a "subscriber" to the admin panel.
Normally, only admins are supposed to be able to perform the task of adding new users to admin panel in WP disregarding the role they give to these users.
Can someone tell me if there is a security breach in WP that hackers can exploit to add new admin users.
The name of the user is firstname.lastname@example.org and don't have avatar picture.
I have changed my admin password already twice. but the guy is still coming...
Has anyone had this issue before? what can I do to prevent this to happen?
Thanks in advance for your help.