Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites

Dozens of WordPress plugins were allegedly hijacked to push malware after they were sold to a new corporate owner.
Dark Reading

PhishWP Plug-in Hijacks WordPress E-Commerce Checkouts

A malicious plug-in found on a Russian cybercrime forum turns WordPress sites into phishing pages by creating fake online payment processes that convincingly impersonate trusted checkout services.
Dark Reading

Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover

A WordPress plug-in installed on more than 4 million websites exposes them to full administrative takeover through a scripting flaw that potentially can be used to launch large-scale automated attacks ...
Hosted on MSN

Using WordPress? Delete these plug-ins before it’s too late

In a recent episode of the cybersecurity world, a huge number of plug-ins have been taken down by the open-source platform WordPress after a hidden backdoor was found, sparking concern about the ...