URL has been copied successfully!
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites


Tags: , ,

An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites.When a site administrator was logged in as the file loaded, the code created an admin account under the attacker’s control and installed a hidden plugin that opened a way back in. Ordinary visitors did not trigger it

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/06/popular-wordpress-plugin-scripts.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Stealthy Malware in WordPress Sites Enables Remote Code Execution by Hackers
  2. Fake resumes targeting HR managers now come with updated backdoor
  3. Premium WordPress ‘Motors’ theme vulnerable to admin takeover attacks
  4. DKnife targets network gateways in long running AitM campaign