Who is the wpcore user?
Unprotected wordpress sites are being hacked en masse, but in such a sophisticated way that many site owners are unaware of it.
It is telling that a new administrator is appearing among the site administrators with the username wpcore.
If you experience this you should start to suspect that your website has been hacked. If you check the posts and pages menu you will not see any changes and you may as well rest assured.
But if we delete the inappropriate php and css!!! files in the uploads folder, the extraneous files in the sitemap etc… in the main directory, and clean the functions.php file of the current template, we will see 25-30,000 posts without authors, most likely promoting casinos, in the posts, and deleting them is not an easy thing to do.
The biggest novelty of the hack is that it disguises itself, and only by going through the steps mentioned above can you see how much trouble it is. Sometimes unknown plugins may appear in the plugins that are only visible via FTP, and a file manager folder may appear in the uploads folder.
If this happens to you, please contact me and we will solve your problem.
hey man I have this problem >> https://www.tigaman.com/who-is-the-wpcore-user/
I’ve already kicked him out and protected the site (I thougth) 3 weeks ago
Today he came back. How? You know how to prevent it to recreate the user?