Attackers are exploiting vulnerable WP plugins to backdoor sites


WP sites backdoored

The attacks

The attackers are exploiting vulnerabilities in a number of WordPress plugins, namely:

  • Bold Page Builder
  • Blog Designer
  • Live Chat with Facebook Messenger
  • Yuzo Related Posts
  • Visual CSS Style Editor
  • WP Live Chat Support
  • Form Lightbox
  • Hybrid Composer
  • All former NicDark plugins (nd-booking, nd-travel, nd-learning, etc.)

Read more…