I've been having a few different problems over the last few days involving security. First a spambot hit us and registered a bunch of spam users as admins. It started making weird changes to our blog.
Then I installed Sabre, which seemed to nip this in the bud, however...I'm still getting random users suddenly listed as admins. One of them changed the name of the blog today! I haven't spoken to her yet, but I have the feeling that she was automatically registered as an admin when she signed up. I double checked my settings, and the default sign-up role is still "commenter" so I have no idea how this is happening.
Could this be some residual result of being hit by a spambot? Could it be a breach opened by a plugin that I installed?
Advise me please!