https://www.bleepingcomputer.com/news/security/hackers-exploit-litespeed-cache-flaw-to-create-wordpress-admins/

Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.

LiteSpeed Cache (LS Cache) is advertised as a caching plugin used in over five million WordPress sites that helps speed up page loads, improve visitor experience, and boost Google Search ranking.