My website has been attacked by some kind of spam bot which posts random content repeatedly. The bot is able to use my admin user account to create these posts. Has anyone encountered this issue?
Things I've done to combat this issue:
1) Hostgator full website restore. No dice and they couldnt find anything malicious.
2) Changed all of my associated passwords to strong, randomly created passwords.
3) Installed a bunch of security plug-ins including stealth log-in which should mask my wp-admin log in, Akismet, Sweetcaptcha, Word Fence, and has had the website scanned etc. no dice.
4) Scanned my computer with Symantec Endpoint.
5) Google says the website does not have anything malicious on it.
So I'm thinking its something with the this specific plug-in or something that is hiding very well on my computer or phone...
My site is TYNIT.com, but I have a maintenance page up because the spam is out of hand. I can send you examples if wanted.