The snippet near the top of the injection is accountable for checking to see if the website visitor is presently logged in to WordPress. Update March 7: The WordPress Directory workforce investigated and mitigated this https://www.youtube.com/watch?v=v6ObHdplX8Y