Dozens of WordPress plugins were compromised with backdoors after being sold to a new corporate owner, affecting thousands of websites. The hijacked plugins were used to push malware, creating significant security vulnerabilities. This represents a sophisticated supply chain attack targeting the WordPress ecosystem.
Background
WordPress is the world's most popular content management system, powering over 40% of all websites. Its plugin ecosystem is a frequent target for attackers due to its widespread usage and varying security standards.
- Source
- TechCrunch
- Published
- Apr 15, 2026 at 02:31 AM
- Score
- 8.0 / 10