Security Breach – Users become admins

  • mothnyc

    (@mothnyc)


    16 years ago

    I’ve been having a few different problems over the last few days involving security. First a spambot hit us and registered a bunch of spam users as admins. It started making weird changes to our blog.

    Then I installed Sabre, which seemed to nip this in the bud, however…I’m still getting random users suddenly listed as admins. One of them changed the name of the blog today! I haven’t spoken to her yet, but I have the feeling that she was automatically registered as an admin when she signed up. I double checked my settings, and the default sign-up role is still “commenter” so I have no idea how this is happening.

    Could this be some residual result of being hit by a spambot? Could it be a breach opened by a plugin that I installed?

    Advise me please!

  • The topic ‘Security Breach – Users become admins’ is closed to new replies.