Previous thread was closed so there’s no way to help other users identify the issue.
Turns out that a vulnerability in the WP-GDPR plugin was the culprit:
They’ve updated it with a fix.
]]>So Saturday Oct 13, upon logging into my site, saw an admin message from your plugin telling me to Opt in at the top of my dashboard.
Myself and my wife are the only admins.
She DOES NOT install plugins. I run the site.
Somehow this plugin was in stalled and activated.
I deactivated and deleted and immediately scanned the server and my own system. Both clean. I have sucuri.net protecting my site and scanning for malware.
A few hours later, the plugin re-appeared and reactivated.
I deleted again and called my host for tech support.
It’s been installed and activated 5x now in 2 days.
Is there ANY support you could give me to determine if this code has been altered, or if there is any sort of odd testing you’re doing that might explain this? or has anyone else said this?
Wordpress seems to indicate there are less than 10 installs of this plugin out there.
]]>