Security Stop-Press : WordPress Sites Being Hacked Through Old Plugin

Security Stop-Press : WordPress Sites Being Hacked Through Old Plugin

Cybersecurity researchers at GoDaddy-owned Sucuri have warned that an old plugin called Eval PHP, last updated a decade ago, is being used to hack WordPress websites. The plugin, which creates a backdoor and can mask its activities as cookies has been described as “dangerous.”

The advice is to:

  • Keep your website patched and up to date with the latest security releases.
  • Protect the admin panel behind 2FA or some another access restriction.
  • Regularly backup the website.
  • Use a web application firewall to block any bad bots and to virtually patch any known vulnerabilities.

Share Buttons
Hide Buttons