Thanks for sending this through.
I have seen this before and have worked through many of the ideas shown. But there some scripting somewhere that keeps re-writing this user into the site, which is worrying. It also seems as if the attack has taken away my ability to update or delete plugins or update WP unless I go via FTP which is time consuming.
Wordfence keeps stalling too. has anyone used the Wordfence site repair service? Any information as to whether it’s worth the money?
Thanks
Di
