Had this happen to 2 of my sites yesterday.
Elementor + Astra + Ultimate Addons + Wordfence.
yolalo1 was the user too. They uploaded a few code files and a txt file to the media.
Also noticed a “wp-xmlrpc.php” file in my site files that was able to get a whole ton of info.
@miosam881 anything from UAE?
