Popular WordPress plugins backdoored after ownership change, putting thousands of websites at risk

A popular brand of WordPress plugins was recently weaponized to download and spread malicious code. The new, potentially ...
Cybernews

WordPress plugins taken offline after a developer found 30 injected with malicious code

Dozens of WordPress plugins have been compromised by an unknown actor who planted backdoors in popular add-ons after buying ...

WordPress plugin suite hacked to push malware to thousands of sites

More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows ...
Gadget Review on MSN

WordPress plugin backdoor hits 20K+ sites in supply chain attack

WordPress plugin backdoor compromises 20,000+ sites through supply chain attack using blockchain evasion tactics and ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

Over 20,000 WordPress Websites Infected With Malicious Plugins

Dozens of plug-ins for WordPress have been taken offline after a backdoor was discovered that allowed malicious code to be distributed to thousands of ...
DMR News

WordPress Plug-Ins Removed After Backdoor Discovered In Supply Chain Attack

Dozens of plug-ins for WordPress have been taken offline after a backdoor was found that allowed attackers to distribute ...
Bleeping Computer

WordPress fixes POP chain exposing websites to RCE attacks

WordPress has released version 6.4.2 that addresses a remote code execution (RCE) vulnerability that could be chained with another flaw to allow attackers run arbitrary PHP code on the target website.

Using WordPress? Delete These Plug-ins Before It’s Too Late

Dozens of WordPress plug-ins have been pulled after a hidden backdoor reportedly exposed thousands of websites to malicious ...