Month in WordPress: June 2024

1. Supply chain attack on WordPress.org plugins WP Team: We identified that some plugin authors were reusing passwords exposed in data breaches elsewhere. The compromised accounts were not the result of an exploit on WordPress.org. Instead, the attackers used recycled passwords to add malicious code to a few plugins on the WordPress.org Plugin Directory. This […]