Unknown phantom user “wordpress” created with admin privileges

It could be that you have the Post SMTP plugin installed. There is an exploit in this plugin: https://patchstack.com/database/vulnerability/post-smtp

The issue has been fixed in version 2.8.8 and above.

Related Posts:

  1. wp_verify_nonce vs check_admin_referer
  2. How does admin-ajax.php work?
  3. Securing Admin Accounts – Username Discovery
  4. Assuming a theme is properly secured, how save is the WordPress admin?
  5. Don’t attribute content to admin users
  6. WordPress ACL (folder + permissions)
  7. using rewrites to secure login page
  8. How do I diagnose a plugin resource 404?
  9. WordPress Brute Force Prevention
  10. Changing admin user id for database
  11. WordPress custom admin functions security
  12. Does deleting the table users prevent all logins?
  13. Why does my admin email address keep changing to something random?
  14. Where to store publicly-accessible files
  15. Admin Ajax is returning 0
  16. Add a Separator to the Admin Menu?
  17. Adding a custom admin page
  18. Allowing admin-ajax.php to receive “application/json” instead of “x-www-form-urlencoded”
  19. Custom admin email for new user registration
  20. Disable comment windows for all existing posts (pages/blogposts)
  21. A similar hook as wp_head for the admin area
  22. Hide allow trackbacks/pingbacks
  23. How to retain HTML5 Attributes on Markup
  24. Gallery Settings Change available Columns
  25. Hide Admin menus per role in WordPress
  26. wordpress upload http error?
  27. Dynamically Set WordPress Post Title To The Category Name
  28. How to find out if an wp-admin action edited a file?
  29. Text snippets shared across posts
  30. Add Admin User via SQL
  31. Add number new posts (post_status = pending) to administration menu [duplicate]
  32. How to disable XML-RPC from Linux command-line in a total way?
  33. How to remove Gravatar from Username column
  34. Page only shows when user is logged in (even with visibility set to public)
  35. I keep getting logged out in Firefox
  36. get_template_part in admin
  37. Why Jetpack is missing the “Feedbacks” menu item? [closed]
  38. Getting the different post statuses + count like in edit.php, in a custom submenu page
  39. What is the optimal way to filter out subpages from admin?
  40. Create a Meta Box in the Admin User Screen?
  41. Send email to Admin when user/member updates specific user/member data
  42. Help with shortcode in admin-ajax [closed]
  43. Protect custom php file with login
  44. disable admin-bar search field for specific roles
  45. Limit Words in Category / Term Description – Admin Panel
  46. Change top level menu item to point to custom submenu item
  47. Change admin logout URL
  48. Link to post author but exclude administrator (on single.php)
  49. Default admin color scheme as “blue”
  50. Can user #1 (the initial user) be deleted without ill effect?
  51. wp-admin post.php JavaScript Links Not Working
  52. Remove duplicate product link from WooCommerce Page Row Actions
  53. How to set default editor tab
  54. Admin Taxonomy Terms – Orderby Term Field
  55. How do I add an admin notice within javascript in the admin interface for posts?
  56. Admin toolbar shows up when not logged in
  57. Make the Status, Visibility, or Date fields opened by default in the Publish box
  58. Force to use STRONG users password and implement rule to prevent REUSE [closed]
  59. WordPress Admin Login Redirect Problem
  60. Admin option sidebar count
  61. 500 internal server error on wp-admin only
  62. Admin Top Bar Not Showing On Front End
  63. WordPress administration Over SSL – To Force SSL Logins and SSL Admin Access
  64. Only Admin can Edit, Delete or Update
  65. Set Edit Post meta boxes inactive
  66. How to verify nonces in bulk?
  67. Getting admin notices to appear after page refresh
  68. Hide post title input for all roles except admin
  69. How to activate the dashboard
  70. avoiding the display of certain categories to certain user roles at content entry time
  71. hide elements of admin with css file
  72. WordPress Hacked 5.5 admin-ajax.php [closed]
  73. how to remove +new from wp admin area
  74. Dynamic WordPress Admin Panel
  75. Visual Editor only working for the admin user
  76. Control Users listed in Users List on dashboard
  77. Weird jquery problem when upgrade to WordPress 3.1
  78. Maintenance mode excluding site administrators
  79. my wordpress configuration locally vs live server
  80. Admin back end – get URL of file using file browser
  81. Unable to edit my “Administration Email Address” after mySQL editing?
  82. WordPress Admin Doesnt work
  83. Admin Bar Acting Up
  84. WP administration over SSL using different domain
  85. Hide top admin panel for non admin and non editors
  86. Delete all custom posts then upload a new CSV of events
  87. Is it possible to create a custom admin page for users?
  88. Get content of publish box
  89. Add button in admin columns
  90. How to switch between two forms for visitor once admin logged in?
  91. Run filter if only it was run from specific admin page ( ‘upload_dir’ changed )
  92. How to create input page in WordPress admin panel?
  93. Disable a function from executing in post.php
  94. Admin blank but Admin menu showing
  95. Reference external file as a function
  96. Change pagination in editing posts [duplicate]
  97. How to cancel redirection to admin side
  98. Content is displayed under admin bar [closed]
  99. How to enforce authentication for all resources?
  100. WordPress site down for my IP only after trying to implement .htaccess whitelist
techhipbettruvabetnorabahisbahis forumuedusedueduedueduedusedusedueduedu