Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them
Last week, I wrote about catching a supply chain attack on a WordPress plugin called Widget Logic. A trusted name, acquired by a new owner, turned into something malicious. It happened again. This time at a much larger scale.

30+ plugins compromised
31 closed by WordPress.org
8 months: backdoor dormant before activation
6 figures: paid on Flippa for the portfolio

A client reported a security notice they found in wp-admin.

Ricky from Improve & Grow emailed us about an alert he saw in the WordPress dashboard for a client site. The notice was from the WordPress.org Plugins Team, warning that a plugin called Countdown Timer Ultimate contained code that could allow unauthorized third-party access.

I ran a full security audit on the site. The plugin itself had already been force-updated…