Unauthorized Access w/ Login Configurator
-
A new user gained access to a site on my multisite wp install — that I hadn’t given them access to (I know this because they posted a comment).
The admin users panel confirms that they’re not supposed to have access to the site they gained access to (it was the root site).
Needless to say, I don’t want to pump said user for a blow by blow — can anyone give me some sense of what happened? I’ve forced a redirect to each respective subdomain’s home page, but that seems kludgy.
Login Configurator’s plugin site has been hosting a malicious redirect for a while now, so perhaps GrandSlambert is down for the count. That would certainly be a pity.
- The topic ‘Unauthorized Access w/ Login Configurator’ is closed to new replies.
