WordPress Plugin Comes With a Backdoor, Steals Admin Credentials In Cleartext

This backdoor also allows him to download files which add his own admin account to the site, and even alter core WordPress files so every time a user logs in, edits his profile, or a new user account is created, the user’s password is collected (in cleartext) and sent to his server.

This sucks and I feel sorry for anyone who has fallen victim to this. That said, it’s a pretty good reminder for people to run regular audits on all their installed plugins. Note, the plugin has now been removed from the plugin directory.
