Someone planted backdoors in dozens of WordPress plugins used ...
4 days ago · Dozens of WordPress plug-ins were allegedly hijacked to push malware after they were sold to a new corporate owner.
Popular WordPress plugins backdoored after ownership change ...
3 days ago · A popular brand of WordPress plugins was recently weaponized to download and spread malicious code. The new, potentially massive supply chain attack was unveiled by Austin Ginder,...
30 WordPress Plugins Bought And Backdoored: The 2026 Supply ...
6 days ago · A 2026 WordPress supply-chain attack allegedly turned 30+ sold plugins into a dormant backdoor operation that hid SEO spam from site owners, persisted beyond a forced update, and …
Backdoor Found In 30+ WordPress Plugins After Ownership Change
3 days ago · After the transfer, updates introduced code that appeared routine in changelogs but later proved to include a hidden backdoor. That code remained inactive for months, blending into normal …
Someone Bought 30 WordPress Plugins and Planted a Backdoor in ...
Apr 9, 2026 · The malware was hiding in wp-config.php. The plugin’s wpos-analytics module had phoned home to analytics.essentialplugin.com, downloaded a backdoor file called wp-comments …
30 WordPress Plugins Turned Into Malware After Ownership ...
1 day ago · 30 WordPress Plugins Turned Into Malware After Ownership Change (bleepingcomputer.com) 7 Posted by EditorDavid on Saturday April 18, 2026 @02:34PM from the …
Trusted WordPress Plugins Hijacked in 8-Month Stealth ...
4 days ago · Hackers secretly planted a remote code-execution backdoor in more than 30 popular WordPress plugins, leaving it dormant for about 8 months before activating malware.