WordPress Display Widgets Plugin installs backdoor
According to Slashdot , Bleeping computer saysa WordPress plug that goes by the name Display Widgets has been used to install a backdoor on WordPress sites across the internet for the past two and a half months.
It's unclear, but Versions 2.6.0, 2.6.1 and 2.6.3 seem to be affected at various stages, and the perpetrator is much more motivated and persistent than the volunteer keeping up the site - is Wordpress the next critical Core Open Source Internet Infrastructure component?
No comments:
Post a Comment