Today I notice a new user could registered with admin rights.

I think I’m infected by the same.

Out site title was changed, too.

The automatic register status was changed to Admin, for every new registed user.

-> Now I have updated the plugIn (Order Delivery pro)

-> I’ve deleted the new user ‚fallinlove‘

Have everybody more information about this new vulnerability?

Should I do everthing more, or is it fixed with the update.