Wordpress hacker generating password reset request for admin user
We cannot know the exact motivations but here are some possibilities:
- The attacker is just running an automated script and initiating password resets is just one of the many things in the swiss army knife
- The attacker is testing responses to see if the admin is watching before doing nosier attacks
- The attacker is just being annoying
- The attacker thinks there may be a vulnerability he can exploit in reset workflow, perhaps he think he can intercept the reset email from the server through MitM
- The attacker thinks he can predict the reset token
- The attacker will combine legitimate resets with a phishing attack to try to trick the admin into giving the password up to his fake reset page