Bleeping Computer

Backdoor Found in WordPress Plugin With More Than 300,000 Installations

A WordPress plugin installed on over 300,000 sites was recently modified to download and install a hidden backdoor. The WordPress team has intervened and removed this plugin from the official ...
GitHub

Download and extract wordpress plugins that match an active install threshold.

I needed to audit wordpress plugins that had >= 200k active installations. I was manually checking plugins as a start so I ended up writing this little client to collect, extract and search wordpress ...
Bleeping Computer

Hunk Companion WordPress plugin exploited to install vulnerable plugins

Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. By installing ...
Houston Chronicle

How to Install an AdWords Tracking Code Plugin for WordPress

Keeping tabs on how visitors use your company's website helps you to understand traffic and purchasing patterns, which can in turn help you optimize and monetize your content. Google's AdWords service ...
TechRadar

Another major WordPress plugin has been hacked to try and hijack your sites

Researchers from WPScan find flaw in Hunk Companion, a plugin with roughly 10,000 users The flaw allows crooks to install other plugins from the WP repository, including those with known RCE flaws ...
GitHub

WordPress Plugin Check Action

A GitHub action to run Plugin Check against your plugin. Results are posted as file annotations. The basic example above covers many use cases, but sometimes plugins can be a bit more complex and ...

CleanTalk WordPress Plugin Vulnerability Threatens Up To 200K Sites

CleanTalk WordPress plugin vulnerability affecting up to 200,000 sites could lead to remote code execution by unauthenticated attackers.