The Droid Guy

How to Identify Which WordPress Plugin or Theme Is Blocking Your PHP Update and Preventing ...

If you’ve logged into your WordPress dashboard and seen the warning that your site is running on PHP 7.4.33, you’re not alone. This outdated version no longer receives security updates, which makes ...
ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...
Bleeping Computer

Plugins on WordPress.org backdoored in supply chain attack

A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that create new accounts with administrative privileges on websites running ...
Bleeping Computer

Over 90 WordPress themes, plugins backdoored in supply chain attack

A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites. In total, threat actors compromised 40 themes and 53 ...
Ars Technica

Researchers find backdoor lurking in WordPress plugin used by schools

Researchers said on Friday that they found a malicious backdoor in a WordPress plugin that gave attackers full control of websites that used the package, which is marketed to schools. Jetpack said it ...