Hacked user meta added on user signup form
I have a strange problem on a WordPress site I am working on locally.
I created an ajax managed form for user signup, which then uses the wp_insert_user function to create the user. The form has fields for first name, last name, email and password.
On the local installation every time I submit the form, the user meta are filled in with strange random data, some written in Cyrillic.
I have updated the core and plugins, and disabled theme and plugins but the problem still occurs.
I then tried the same form in a new local installation and the problem does not happen.
Could they have broken my local site?
How do you think I can figure out where this script is that inserts the meta user?
Leave an answer