{ads}

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Written By Monday, 15 June 2026 Add Comment



June 15, 2026 at 03:29PM

An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites. When a site administrator was logged in as the file loaded, the code created an admin account under the attacker's control and installed a hidden plugin that opened a way back in. Ordinary visitors did not trigger it

from The Hacker News https://ift.tt/wokEW2H

0 Response to "Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads