Bleeping Computer

Backdoor Found in WordPress Plugin With More Than 300,000 Installations

A WordPress plugin installed on over 300,000 sites was recently modified to download and install a hidden backdoor. The WordPress team has intervened and removed this plugin from the official ...
Searchenginejournal.com

WordPress Plugins Begin Adopting Cloudflare CAPTCHA Alternative Turnstile

Cloudflare recently announced a privacy-focused alternative to CAPTCHA that is non-intrusive and free to use and the WordPress plugin community slowly begins adding support for the new solution. But ...
Digital Journal

WordPress plugin used by 300,000 websites hides a secret backdoor

The discovery was made by researchers at cybersecurity experts Wordfence. It impacts the Captcha plugin for the WordPress content management system. Captcha was developed by WordPress development firm ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...
TechRadar

Dangerous WordPress plugin puts over 160,000 sites at risk - here's what we know

Older versions of Post SMTP allowed hackers to read all emails They could also reset the admin password and read the notification email, gaining access to the account More than 160,000 WordPress sites ...