Reset your WordPress admin password remotely

This script is not a WordPress plugin. It's purpose is only to allow a site owner to reset the administrator password.

The script will read the root wp-config.php to get the database access details, then connect to the DB and query tables users, usermeta and user_level

The data will be returned to a select form field to choose a single user for password change. Once the process completes successfully, the page will redirect to the wp-admin page. Be sure to delete the file after use, else demons will find and use it.



The Code

Copy the following code to your new .php document and place in the root of the WordPress installation, where the file wp-config.php exists.


if( file_exists(dirname(__FILE__).'/wp-config.php') ) 
	include 'wp-config.php';
	$dbconnect = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
	// quit if no db connection
	if( $dbconnect->connect_error ) {
		echo '<p style="color:red">DB connection failed: ('.$dbconnect->connect_errno.') '.$dbconnect->connect_error.'<br>Database connection was blocked</p>';

	$usertbl = $table_prefix.'users';
	$usermeta = $table_prefix.'usermeta';
	$userlvl = $table_prefix.'user_level';
	$queryusers = "
	SELECT ID, user_login, user_email 
	FROM $usertbl 
	LEFT JOIN $usermeta 
	ON $usertbl.ID = $usermeta.user_id 
	WHERE meta_key = '$userlvl'
	AND meta_value = 10

	// db response
	$res = $dbconnect->query($queryusers);
	$usr= $optname='';
	if( $res->num_rows > 0 ) {
		while($row = $res->fetch_assoc()) {
			$usr .= '<ul><li>'.$row['user_login'].'</li><li>'.$row['user_email'].'</li></ul>';
			$optname .= '<option value="'.$row['user_login'].'">'.$row['user_login'].'</option>';
	// Run password update	
	if( isset($_POST['username']) && isset($_POST['pwset']) ) 
		$password = '"'.MD5($_POST['pwset']).'"';
		$username = '"'.$_POST['username'].'"';
		$queryupdate = "UPDATE $usertbl SET user_pass = $password WHERE user_login = $username";
		$admin = str_replace($_SERVER['SCRIPT_NAME'],'',$_SERVER['SCRIPT_URI']).'/wp-admin';
		if( $dbconnect->query($queryupdate) === true ) 
			$result = '<p class="notice success">The password update ran successfully.</p>';
			$result .= '<p class="notice success">Now redirecting to admin...</p>';
			$result .= '<p class="notice warn">This file should self destruct and be gone from the server, however be sure to check and confirm deletion.</p>';
			echo '<meta http-equiv="refresh" content="7; URL='.$admin.'">';
			$result = '<p>The password update failed for an unknown reason. Maybe allow some time and try again later.</p>';
			$result .= '<p class="notice alert">Do NOT leave this file on your server anywhere!</p>';

} ?>

<!DOCTYPE html>

body {font-family: verdana; font-size: 13px; padding: 0 50px 50px;}
a {text-decoration: none; color: #b22525; font-weight: 900;}
input, select {display: block; border: 1px solid #bbbbbb; padding: 8px 4px; margin-bottom: 5px; width: 220px; border-radius: 3px;}
input[type="submit"] {cursor: pointer;}
input[type="text"] {font-family: courier;}
.notice {background: #ddf7ff; padding: 8px;}
.notice.alert {background: #ffdde1; font-size: 28px; text-align: center; color: #ce0100; font-weight: 900;}
.notice.success {background: #f1ffdb;}
.notice.warn {background: #f4e4dc; color: #e56e00; font-weight: 900;}
.footnote {text-align: center; background: #f2f2f2; padding: 5px;}
.list {margin: 20px 0;}
.list ul {list-style: none; padding: 0; margin: 0; overflow: hidden;}
.list li {float: left; padding: 5px; border: 1px solid #eeeeee; width: 50%; box-sizing: border-box;}
.list .th {background: #dedede; font-weight: 900;}



<?php if( !file_exists(dirname(__FILE__).'/wp-config.php') ) {
	echo '
	<p class="notice alert">
	This file must be in the WordPress root directory where the wp-config.php file is located.
	if( !empty($dbconnect->stat) ) 
		echo '<p class="notice">database connection OK</p>';

<h3>Admin Password Reset</h3>
<p class="notice alert">Be sure to delete this file once done</p>

<?php echo $result; ?>

<form method="post" action="">
	Select the user name to update*
	<select name="username" required="required">
		<option value="">Select</option>
		<?php echo $optname; ?>
	Set new password*
	<input type="text" name="pwset" value="" required="required" />
	<input type="submit" name="pwsend" value="Reset Password" />

<div class="list">
	<h4>List of Administrators Found In User Database</h4>
	<p>Do not attempt to change all or multiple passwords with this tool. 
	Simply change one, login to the WP administration and make other changes within the User manager.</p>
	<ul class="th"><li>Username</li><li>Email</li></ul>
	<?php echo $usr; ?>

<?php } ?>