security – System setting changed by system user


Last week we received an email from our WordPress saying that the admin email got changed to
By checking the logs using the WP Activity Log plugin, I can see that the action was done by the ‘System’ user from the IP Something to note: it doesn’t seem to be a valid user, any other record on the logs is showing the actual user that performed the action.
Of course that IP is already blocked, now I’m wondering how somebody managed to change a system setting remotely without having a valid account.
Does anybody have any clue on what happened?

Running WordPress 5.8.2, all the plugins updated

nnimis 1 year 2021-12-12T23:07:22-05:00 0 Answers 0 views 0

Leave an answer