There is something called “User Agent Spoofing” [1].
Basically, when the web browser accesses a website, it sends some information about your computer to the server, these are called HTTP headers. One of them is the “User-Agent” which holds the information about which web browser are you using, operating system, version numbers, plugins, etc.
The thing is, all this information can be spoofed with multiple tools that are publicly available on the Internet. CURL [2] for example, allows you to set any HTTP header that you want and also modify the existing ones.
In this case, it seems that someone who is trying to access the admin interface of your website is using one of these tools to brute force the login page. And is changing the User-Agent to “WordPress” for reasons that are irrelevant to us. Here [3] is an example of how someone can do this, just so you can see how easy it is.
[1] https://en.wikipedia.org/wiki/User_agent#User_agent_spoofing
[2] https://en.wikipedia.org/wiki/CURL
[3] curl -H "User-Agent: Ohute Browser 1.0.4" https://example.com
