A non-admin user with username “[removed]” signed in to your WordPress site

  • Resolved sharonshero

    (@sharonshero)


    4 years, 4 months ago

    For all the years with WooCommerce and WordFence on this site, I received a notice just today that a non-admin user signed into the website. In chatting with a WooCommerce tech, I was advised that the user can only access their account, but I want to be sure that WordFence is not seeing something different occurring here. I did have “Alert me when someone with administrator access signs in” selected in the settings and I sure will want to turn off as long as I know there’s no foul play here.

    My guess is that most of the subscribers are not even aware they have accounts, so this may be just a fluke from a more savvy subscriber.

    Reassurances welcome! THX

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfphil

    (@wfphil)

    Hi @sharonshero,

    I looked around your site and I saw that people can join and donate but I didn’t see anywhere that someone can login to the website on the front end so I presume that the person that logged in thought that they would be able to access an account and went to one of these URL’s:

    https://audubondallas.org/wp-login.php
    https://audubondallas.org/my-account/

    As you have the option Alert me when a non-admin user signs in enabled then you got the alert for that persons login.

    Thread Starter sharonshero

    (@sharonshero)

    That’s what I thought, but wanted to be sure that there site was not vulnerable. I have since turned off the alert option. Thanks for responding.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘A non-admin user with username “[removed]” signed in to your WordPress site’ is closed to new replies.