A long-dormant backdoor has been uncovered in the “Quick Page/Post Redirect Plugin,” a popular WordPress add-on with over 70,000 active installations. The tampered plugin, specifically version 5.2.3, contained two distinct malicious features. First, it featured a passive content injection mechanism. On every page viewed by a logged-out user, the plugin connected to a third-party server […]

The post Backdoored WordPress Plugin Abuses Remote Update Checker for Silent Code Delivery appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/backdoored-wordpress-plugin-abuses-remote-update-checker/