[wp-hackers] DB inserts into usertable

Andrew Gray andrew at graymerica.com
Fri Aug 20 20:18:19 UTC 2010

I just noticed that some of my databases for my installs had a bunch of random users.

Across multiple Databases, with the same password and style.  I am sure it is because I was lazy and used a master password in a bunch of my Wordpress installs on that server.

At this point, I have fixed the problem, but has anyone else seen this?   Is is a bad plugin or something else.

Here is an example of what was in all my DBs,

No timestamp, gmail addresses, First Name Last Initial.  Every name was different, but the password was the same.

INSERT INTO `wp_users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`) VALUES
(2, 'SofiaT', '$P$BWrPjMxeckS8Qjhhd.3CqhhpM5c5G3/', 'Sofia Turner', 'SofiaT at gmail.com', '', '0000-00-00 00:00:00', '', 0, 'Sofia Turner'),
(3, 'AlexandraR', '$P$BWrPjMxeckS8Qjhhd.3CqhhpM5c5G3/', 'Alexandra Russell', 'AlexandraR at gmail.com', '', '0000-00-00 00:00:00', '', 0, 'Alexandra Russell'),
(4, 'JosephB', '$P$BWrPjMxeckS8Qjhhd.3CqhhpM5c5G3/', 'Joseph Butler', 'JosephB at gmail.com', '', '0000-00-00 00:00:00', '', 0, 'Joseph Butler'),

More information about the wp-hackers mailing list