Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the ...
Searchenginejournal.com

TablePress WordPress Plugin Vulnerability Affects 700,000+ Sites

The problem came from missing input sanitization and output escaping in how the plugin handled the shortcode_debug parameter. These are basic security steps that protect sites from harmful input and ...
Bleeping Computer

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware

Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. The flaw leveraged in the ...
Bleeping Computer

Attackers use abandoned WordPress plugin to backdoor websites

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an old WordPress plugin that allows site admins to embed PHP ...
TechRadar

Thousands of WordPress websites hacked via plugin looking to steal user data

Hackers found installing malicious plugins on already compromised WordPress sites When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. A new variant ...