I’m experiencing a problem where, for some reason, an attacker manages to create user accounts in my administration, and manages to change emails for existing users.
- I removed all malware from the site
- redid the default magento installation
- I changed the password for all users.
- I installed a tool to check logs, and I noticed that the user simply appears in the administrative
I’m using magento version 2.3.5-p2.