Skip Navigation

Cybersecurity @sh.itjust.works BrikoX @lemmy.zip 3 mo. ago

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

arstechnica.com Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

Malicious updates available from WordPress.org create attacker-controlled admin account.

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

Malicious updates available from WordPress.org create attacker-controlled admin account.

Technology @lemmy.world Otter @lemmy.ca 3 mo. ago

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

arstechnica.com /security/2024/06/supply-chain-attack-on-wordpress-plugins-affects-as-many-as-36000-sites/

1 comments

To quote directly from the article:

The five plugins are:

Social Warfare (https://wordpress.org/plugins/social-warfare/) - 30,000 installs

BLAZE Retail Widget (https://wordpress.org/plugins/blaze-widget/) - 10 installs

Wrapper Link Elementor (https://wordpress.org/plugins/wrapper-link-elementor/) - 1,000 installs

Contact Form 7 Multi-Step Addon (https://wordpress.org/plugins/contact-form-7-multi-step-addon/) - 700 installs

Simply Show Hooks (https://wordpress.org/plugins/simply-show-hooks/) - 4,000 installs