Forums

WordPress › Support » How-To and Troubleshooting

[resolved] unknown user_ids with user_level 10 in user_meta table (3 posts)

  1. jessibird
    Member
    Posted 1 year ago #

    I just noticed something that makes me concerned about my site's security, and wonder if anyone knows about it:

    While doing some work in phpMyAdmin, in the user_meta table, I noticed several rows which had user_ids which do not exist in the users table, and have user_level 10 (administrative).

    Near these rows, there are some first_name values of "..." which I guess are blank.

    I am mystified and slightly worried. Could these entries be:

    a) The aftermath of having gotten hacked in the past (which I was, and had to delete some illegitimate admin users);

    b) something currently wrong with the table;

    c) the result of some legitimate process from either WordPress or a plugin?

    Many thanks to anyone with even the slightest clue,

    Jessi

  2. jessibird
    Member
    Posted 1 year ago #

    Replying to myself: just opened up some of those first_name rows for editing, and they have javascripts in them! So I think it's from past (hopefully not still happening) hackery.

    I am going to back up the table, try removing the suspicious rows, and see what happens. I'll report back.

    Jessi

  3. jessibird
    Member
    Posted 1 year ago #

    OK, yup, after reading this: http://blog.nachotech.com/?p=125 I'm pretty sure those were hacker droppings. They're gone, and my site is working fine, and I now have only entries referring to the only user, me, in user_meta.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags