ATTACKER BUYS 30 WORDPRESS PLUGINS, ADDS BACKDOORS

Security researchers discovered that an individual acquired ownership of multiple WordPress plugins through the official marketplace and systematically added malicious code to each one. The backdoors allowed unauthorized access to affected websites. The plugins remained available for download before detection, meaning site administrators who installed or updated them during the window of compromise may have been affected. WordPress has removed the malicious plugins and notified affected users. This incident highlights vulnerabilities in how plugin ownership transfers are handled and the risks of relying on third-party code without verification. WordPress plugin supply chain attacks have increased in frequency, with attackers recognizing the ecosystem's reach across millions of websites. Site owners are advised to audit their installed plugins, remove any from the compromised list, and implement security monitoring to detect unauthorized access.