https://www.wordfence.com/blog/2017/09/coordinated-plugin-spam/
This entry was posted in WordPress Security on September 20, 2017 by Mark Maunder 16 Replies
On Tuesday last week we published a post that described how someone had released an update to the Display Widgets plugin which contained a backdoor that allowed them to publish content to any site using the plugin. We also described how they exploited that backdoor
Source: Security Feed