MalwareBleeping Computer
8.0 — CRITICAL
Popular WordPress redirect plugin hid dormant backdoor for years
The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that allows injecting arbitrary code into users' sites. [...]
🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview
A popular WordPress plugin, Quick Page/Post Redirect, had a dormant backdoor added five years ago that allows injecting arbitrary code into users' sites, posing a risk to over 70,000 infected websites.
⚙️Technical Details
Affected Systems
Over 70,000 WordPress sites
💥Impact Assessment
Severity: High
Who Is at Risk
Website owners and administrators of infected WordPress sites
🛡️Recommended Actions
1Uninstall the Quick Page/Post Redirect plugin immediately
2Replace it with a clean copy of version 5.2.4 sourced from WordPress.org when available again
3Monitor website activity for suspicious behavior and update plugins regularly
📦Affected Products
Product Name: Quick Page/Post Redirect pluginVersion Numbers:5.2.15.2.2
Read the full article
This is a curated summary. The complete article is available at Bleeping Computer.