Thousands of WordPress Sites in Danger After Massive Attack on Popular Plugins
7 Articles
WordPress security is under threat after the discovery of malicious code infiltrated into dozens of popular plugins.
On April 8, WordPress.org decided to close 31 extensions. Same publisher, same wallet, same attack, but what happened? We have to go back to the end of 2024, when Minesh Shah, co-founder of the studio behind the Essential Plugin suite, put all his tools up for sale on Flippa. The latter is a marketplace specialized in [...]
On April 6, 2026, for six hours and forty-four minutes, thousands of web pages served SEO spam hidden from Google without their owners knowing. The reason: an attacker had purchased more than 30 WordPress plugins at the Flippa marketplace for a sum of six figures at the beginning of 2025, had planted a back door eight months earlier in an apparently innocuous update, and had patiently waited to activate it. The case, reported by Alina Maria Stan…
WordPress.org has closed 31 extensions permanently in one day. All belonged to the same publisher, Essential Plugin, bought in early 2025 on a public marketplace. In the analysis published on April 8, Austin Ginder, founder of Anchor Hosting, explains that the attack was prepared eight months in advance.
The acquisition of a catalog of WordPress plugins by a malicious actor has paved the way for a sophisticated attack. A long-dormant backdoor has been activated there.
A supply-chain attack hit WordPress at the beginning of April. An individual bought about 30 plugins via the Flippa marketplace, injected malicious code into them and waited eight months before enabling it. WordPress closed the 31 plugins concerned on April 7, but the official update is not enough to clean the affected sites. The attack is formidable in its simplicity. An individual, identified under the name "Kris", bought for several hun…
Coverage Details
Bias Distribution
- 100% of the sources lean Right






