From bleepingcomputer.com
Malicious plugins that hide in plain sight and act as backdoors are used by attackers to gain and maintain a foothold on WordPress websites, and to upload web shells and scripts for brute-forcing other sites.
For instance, some of these fake plugins with backdoor functionality — named initiatorseo or updrat123 by their creators — were seen cloning the functionality of the highly popular backup/restore WordPress plugin UpdraftPlus, with a current active number of over two million installations.