"Attackers Use Abandoned WordPress Plugin to Backdoor Websites"

Attackers are injecting stealthy backdoors into websites using Eval PHP, an outdated WordPress plugin that enables site administrators to embed PHP code on WordPress pages and posts, which is then executed when the page is loaded in the browser. The plugin has not been updated in a decade and is generally regarded as abandonware, but it is still accessible via the WordPress plugins repository. According to the website security company Sucuri, the use of Eval PHP to embed malicious code on seemingly harmless WordPress pages increased in April 2023, with the plugin averaging 4,000 malicious installations per day. The primary advantage of this method over traditional backdoor injections is that Eval PHP can be used to reinfect cleaned sites while the point of compromise remains relatively hidden. This article continues to discuss attackers' use of the old Eval PHP WordPress plugin to compromise websites.

Bleeping Computer reports "Attackers Use Abandoned WordPress Plugin to Backdoor Websites"
