The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

Popular WordPress plugins backdoored after ownership change, putting thousands of websites at risk

A popular brand of WordPress plugins was recently weaponized to download and spread malicious code. The new, potentially ...
Searchenginejournal.com

Essential WordPress Plugins Every Site Should Have

WordPress is the most popular content management system in the world, arguably because of its ability to become virtually any kind of website users want it to be. This flexibility is made possible by ...
Bleeping Computer

WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks

The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site’s database. WP Fastest Cache is a ...
Bleeping Computer

WordPress plugin disguised as a security tool injects backdoor

A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. According to Wordfence researchers, the malware ...