Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
Bleeping Computer

WordPress force installs UpdraftPlus patch on 3 million sites

WordPress has taken the rare step of force-updating the UpdraftPlus plugin on all sites to fix a high-severity vulnerability allowing website subscribers to download the latest database backups, which ...

UpdraftPlus Vulnerability Exposes 3 Million WordPress Sites

Attackers can bypass WordPress authentication, run commands as an administrator, and then install malicious plugins on ...
ZDNet

Vulnerability found in WordPress plugin with over 3 million installations

Updates have been released for UpdraftPlus, a WordPress plugin with over 3 million installations, after a vulnerability was discovered by Jetpack security researcher Marc Montpas. Montpas said the ...
Threat Post

Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups

An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders. The WordPress plug-in “UpdraftPlus” was patched on Wednesday to correct a vulnerability that left ...
Searchenginejournal.com

WordPress Backup Plugin Vulnerability Impacted 3+ Million Installations

Security researcher at Automattic discovered a vulnerability affecting popular WordPress backup plugin, UpdraftPlus. The vulnerability allowed hackers to download user names and hashed passwords.