Bleeping Computer

Attackers use abandoned WordPress plugin to backdoor websites

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an old WordPress plugin that allows site admins to embed PHP ...

WordPress websites under attack — dozens of plugins hijacked to target thousands of sites

A malicious actor found a struggling WordPress plugin company, bought it, and introduced malware to each product.

Popular WordPress redirect plugin hid dormant backdoor for years

The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that ...
Lifehacker

Use This Plugin to Add Your WordPress Site to the Fediverse

Install one plugin and Mastodon—and eventually Threads—users can follow your blog. March 28, 2024 Add as a preferred source on Google Add as a preferred source on Google I miss blogs. Don't get me ...
Infosecurity-magazine.com

Major WordPress Plugin Flaw Exploited in Under 4 Hours

A critical vulnerability in the WordPress plugin SureTriggers has exposed thousands of websites to remote attacks, allowing unauthenticated users to create administrative accounts. SureTriggers ...