SecurityWeek

Abandoned WordPress Plugin Abused for Backdoor Deployment

Threat actors are installing the abandoned Eval PHP plugin on compromised WordPress sites and using it to inject malicious PHP code into web pages, WordPress security company Sucuri warns. An old ...
GitHub

barbxsa/PHP-Plugin-Cookies-to-Wordpress

Este é um plugin de consentimento de cookies para WordPress, desenvolvido para fornecer uma maneira simples de gerenciar o consentimento dos usuários em relação aos cookies. O plugin permite que os ...
Bitdefender

Hackers Exploit Abandoned WordPress Plugin 'Eval PHP' to Compromise Websites

Cybersecurity firm Sucuri has uncovered a new wave of attacks targeting WordPress websites by exploiting an abandoned plugin called Eval PHP. The plugin hasn’t been updated for more than a decade, ...
TechRadar

This old WordPress plugin is being used to hack compromised websites

Update: The WordPress Plugin Team has confirmed to TechRadar Pro that the Eval PHP plugin has been closed, citing concerns over its usage on compromised sites, its age, and the number of active ...
Bleeping Computer

Over 90 WordPress themes, plugins backdoored in supply chain attack

A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites. In total, threat actors compromised 40 themes and 53 ...
SecurityWeek

Critical Code Execution Flaws Patched in ‘PHP Everywhere’ WordPress Plugin

Thousands of WordPress websites were impacted by three remote code execution vulnerabilities that were identified in the PHP Everywhere plugin, the Wordfence team at WordPress security company Defiant ...
Searchenginejournal.com

WordPress 5.6 and PHP 8 Compatibility

WordPress is updating soon to version 5.6 which aims to be compatible with PHP 8. However, WordPress cautioned that it should be considered “beta-compatible” and explained why upgrading to PHP 8 ...