TechRepublic

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the Essential Plugin portfolio. A web developer discovered dozens of malicious ...
Bleeping Computer

Fake jQuery files infect WordPress sites with malware

Security researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named ...
Searchenginejournal.com

Why WordPress 5.5 is Breaking Sites

WP 5.5 deprecated support for jQuery Migrate may have caused at least 50,000 broken sites. An issue with how themes handle pagination is causing other sites to break after updating to 5.5. That’s a ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...

Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages.

Funnel Builder WordPress plugin exploited to steal credit card details

Funnel Builder WordPress plugin is being exploited to steal people's credit cards but the flaw has since been patched.