Three more Malicious Backdoored plugins with More than 89,000 Active Installs found in WordPress Repository

28 December 2017

WordPress has such a massive ecosystem consist of a number of plugins and themes, threat actors involved in various malicious activities such as hiding the PHP backdoor scripts into the WordPress Security Plugin.

In this incident, the attackers sell existing unsupported plugins to new authors with backdoor code inserted and their goal is to insert SEO spam to the sites with the plugin installed.

Wordfence uncovers the incident and WordPress security team has closed the plugin from the store which means the plugin not available to download from the repository.

Read full news article on GBHackers

Date:

28 December 2017

Categorie(s):

NEWS

Tag(s):

Active, Content-management Framework, Open Source, Open Source Software, Repository, Wordpress, Wordpress Security

How to install App Store apps onto SSD drives using macOS Sequoia8 November 2024
TikTok ordered to close Canada offices following “national security review”8 November 2024
Hackers Can Access Mazda Vehicle Controls Via System Vulnerabilities8 November 2024
CISA Director releases statement on the security of the 2024 elections8 November 2024
Innovator Spotlight: Push Security8 November 2024