Looks like one of my client’s site that I built calgaryrenovationcontractors.com is being hacked.
It’s been now about a week since it gets one-two administrators added in the backend daily. And it looks like the hacker(s) somehow does the password reset by doing the forget password feature.
The site is very well secured and clean and my host keeps checking it and confirms there are no malicious codes or flies on the server. The main admin password is not being changed though even that they do the password reset for them to break in.
My host is very clean and secured and the support said there is no other protection from it besides setting up a two-way authentication.
But it’s got to be an exploit or some file injected or some WordPress vulnerability that hackers use to create new admin accounts.
Can you please help?
The page I need help with: [log in to see the link]
- The topic ‘New unauthorized admin accounts created in backend daily’ is closed to new replies.