Press ESC to close · ↑↓ to navigate · Enter to select
LIVE MONITORING
Medium Advisory N/A

Medium: WordPress Plugin Supply Chain Attack

Published: February 26, 2026 CVSS: 7.5

Affected Systems

Multiple WordPress plugins via compromised developer accounts

Multiple WordPress plugins were compromised through stolen developer credentials, with malicious code injected into plugin updates. The backdoors created admin accounts and exfiltrated site data.

Mitigation Steps

  1. Audit all installed plugins
  2. Enable two-factor authentication for WordPress accounts
  3. Monitor plugin update changelogs