Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

WordPress websites under attack — dozens of plugins hijacked to target thousands of sites

A malicious actor found a struggling WordPress plugin company, bought it, and introduced malware to each product.
Bleeping Computer

Attackers use abandoned WordPress plugin to backdoor websites

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an old WordPress plugin that allows site admins to embed PHP ...
TechRadar

Top WordPress plugins found to have some serious security flaws, so make sure you're protected

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Two WordPress plugins found carrying 18 security flaws Most of them are deemed critical, since ...

Attention content creators: your WordPress plugin of choice may have been compromised

Don't blog without the proper protections in place, folks.