Poisoned plugin allowed hackers to post spammy content on up to 200,000 WordPress websites
As many as 200,000 websites may have been running a WordPress plugin that allowed third parties to publish any content they wished on victims’ sites via a backdoor. Watch out for supply chain attacks that could impact your website…
Read more in my article on the Tripwire State of Security blog.