advice Is this wordpress hack ?

[Isac]

Someone Registered on my wordpress website shoutscoop.com but as per my website Membership settings " No User can register " . This is an email i got "


WordPress [email protected] via cp-in-10.webhostbox.net
to me

New user registration on your site Shout Scoop:

Username: odislav48

Email: [email protected]

.
.
when i opened my website and checked user i was shoked to see " he is registered as an Administrator ". So i quickly removed . I didn't understand whats going on ?

 

[MasterOfMyDomains]

Who knows how its possible. Its possible. Once someone gets into cpanel, they can add files to and site hosted in that cpanel without even visiting your website.
Weak plugin, maybe old site you had built via that cpanel left a security risk. Even though you deleted all files.
Again, the cpanel you access via your hosting provider, how many domains are there?
Just watching cnn some hack job going down. These guys never stop trying to find a way to hack anything
Malicious content can kill your name

 

[Furquan]

I've checked my hosting's login history and there was 2 susupicious logins, so I'm confident that the HOSTING was hacked, not my website.

But this is another one, you where got targeted because of some security hole in your website or via some other website which was in the same network.

It's a different case, as @Isac has unchecked "Anyone can register". He is no way get any message again.

 

[Furquan]

Just Installed wordfence

Now uninstall all the VPN services, as you are going to lock your site by yourself, lol

 

[Primary Names]

Great advice from @barefooted , but its gonna be tough to scan all those lines of code, unless you are a savvy coder and know what you are doing. Most probably someone has left a backdoor in a hacked plugin/theme, you might have downloaded from "somewhere".

Deleting that user id is not gonna work unless you delete the plugin/theme itself. But deleting that itself might not work if the code might have injected itself into wordpress core files.

I have had this type of issues in past. Since I am the paranoid type, I have almost always ended up reinstalling the core files. But there is one good habit that helped, I always have a back up of my DB. Also I mostly use plugins from the wp-repository only.

Goodluck.

 

[Emmy101]

You should change the administrator account's email and password, and be careful with plugins/themes some are outdated and could be used to hack your website over and over.