
Dozens of plugins for the widely used open source blogging software WordPress are now offline after a backdoor was discovered in them that was used to push malicious code to any website that relies on the plugins. The backdoor was discovered after a new corporate owner purchased the plugins.
Anchor Hosting founder Austin Ginder sounded the alarm in a blog post last week describing a supply chain attack on a WordPress plugin maker called Essential Plugin. Ginder said that someone bought Essential Plugin last year and that the backdoor was soon added to the plugins' source code. The backdoor remained dormant until earlier this month, when it was activated and began distributing malicious code to any website that had the plugins installed.
Essential Plugin says on its website that it has over 400,000 plugin installations and over 15,000 customers. The WordPress plugin installation page says the affected plugins are in over 20,000 active WordPress installations.
Plugins allow WordPress-based website owners to extend a site's functionality, but in doing so the plugins are given access to the installation, which can open those websites to malicious extensions and potential compromise. Ginder warned that WordPress users are not notified of any change in plugin ownership, exposing them to potential takeover attacks by the new owners.
According to Ginder, this is the second hijacking of a WordPress plugin discovered within a few weeks. Security researchers have long warned of the risk that malicious actors purchase software and change its code in order to compromise a large number of computers around the world.
While the plugins have been removed from the WordPress plugin directory, which now lists their closure as "permanent," Ginder warned that WordPress owners should check whether they still have one of the malicious plugins installed and remove it. Ginder has a list of the affected plugins in the blog post.
Essential Plugin representatives did not respond to a request for comment.