1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Popular WordPress plugin opens backdoor, steals user credentials

Discussion in 'Help Net Security' started by RSS, Mar 7, 2016.

  1. RSS

    RSS New Member Member

    If you are one of the 10,000+ users of the Custom Content Type Manager (CCTM) WordPress plugin, consider your site to be compromised and proceed to clean your installation up, Sucuri Security researchers have warned. After finding “a very suspicious auto-update.php file inside wp-content/plugins/custom-content-type-manager/ during the cleanup on an infected WP site, the researchers have begun digging, and discovered that: The file in question is a backdoor that can download additional files from a third-party … More →

    Continue reading...

Share This Page