Attacker Bought 30 WordPress Plugins on Flippa and Backdoored All of Them

  1. Home
  2. Blog

Posted on Wed May 6 2026 | 3:30 pm

An attacker purchased 30+ WordPress plugins on Flippa for six figures, planted a PHP deserialization backdoor in the first commit, and waited eight months before activating it across 400,000 installations. The attack used Ethereum smart contracts to resolve C2. WordPress.org has no mechanism for reviewing plugin ownership transfers, a gap that npm and PyPI addressed years ago.

Read More →


Search
Categories
Side Widget
You can put anything you want inside of these side widgets. They are easy to use, and feature the new Bootstrap 4 card containers!