Bleeping Computer

Attackers use abandoned WordPress plugin to backdoor websites

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an old WordPress plugin that allows site admins to embed PHP ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
TechRadar

Millions at risk as popular WordPress database plugin is targeted by hackers — here's what WordPress site owners need to know

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. A popular WordPress vulnerability has been found carrying a critical vulnerability which allowed ...
TechRadar

Thousands of WordPress sites potentially at risk from plugin security flaw

More than a hundred thousand WordPress websites are reportedly vulnerable to an exploit which allows threat actors to run malicious code remotely and completely unauthenticated, as well as being able ...