Bleeping Computer

Attackers use abandoned WordPress plugin to backdoor websites

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an old WordPress plugin that allows site admins to embed PHP ...
TechRadar

This old WordPress plugin is being used to hack compromised websites

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Update: The WordPress Plugin Team has confirmed to TechRadar Pro that the Eval PHP plugin has ...
Tweakers

PHP (Wordpress) Plugin Developer

At Really Simple Plugins we develop WordPress plugins where our goal is to make complex topics 'really simple'. Our most renown plugins are Really Simple SSL (>4 million users) and Complianz (>1 ...
Bleeping Computer

PHP Everywhere RCE flaws threaten thousands of WordPress sites

Researchers found three critical remote code execution (RCE) vulnerabilities in the 'PHP Everywhere' plugin for WordPress, used by over 30,000 websites worldwide. PHP Everywhere is a plugin that ...
Infosecurity Magazine

Avada Builder Flaws Expose One Million WordPress Sites

Two newly disclosed vulnerabilities in the Avada Builder WordPress plugin have placed around one million sites at risk of ...
Hosted on MSN

Hybrid strategies emerge for secure, high-speed WordPress sites

Security as partnership: WP Engine urges regular updates to core, plugins, and PHP, alongside careful theme and plugin selection to reduce exposure to threats. Blended performance approach: ...