tomzemandA friend of mine is having trouble with his wordpress site ( http://www.spraytan-odense.dk ).
At first, he had malware on the site and there was a suspicious line of javascript code. I installed several security plugins and checked every file, the malware was gone and the site was clean!
Now we're facing a new problem. This has happened twice. Unknown users have been created (even tho registration is not available - we turned that off in settings!) with admin rights.
I could imagine if the site was making money or had tons of visitors everyday, that being a target for hackers would be normal. But we're talking about a standard wordpress site for a spraytan company. They're registrering with emails such as <something>@spraytan-odense.dk.
I've searched the forum but couldnt find anything, if I have overlooked something, please link me. If you have any idea to a solution or know whats causing this, please help.
andrey_simonov
