Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them.

Welcome • User Guide
ToS • Privacy • Canary
Donate • Bugs • License

©2026 Poal.co

1.1K

•

Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them. (anchor.host)

From the post:

>Last week, I wrote about catching a supply chain attack on a WordPress plugin called Widget Logic. A trusted name, acquired by a new owner, turned into something malicious. It happened again. This time at a much larger scale.

Archive: https://archive.today/fQvSm From the post: >>Last week, I wrote about catching a supply chain attack on a WordPress plugin called Widget Logic. A trusted name, acquired by a new owner, turned into something malicious. It happened again. This time at a much larger scale.

You are currently inside a comment thread.

Click here to see all the comments (4).

[–] • 1 pt

oh you need some simple functionality that should be an obvious core capability? just install the plugin written by… jakhreer shabdar, and pray it doesn’t break.

parent
link

[–] • 1 pt

Hits head against wall while "client" decided the needed -cool new plugin- and paid extra so they could have rights to install plugins when it became easy to.

Fired everyone. Fuck them all.

parent
link