Fake Plugin Alert: WordPress Plugin and User Backup Tool

Fioravante Souza posted: " Earlier in 2021, I shared how an attacker could leverage leaked or weak credentials to install fake plugins on a compromised site. Although the plugin featured in that blog post has shown some small changes since it was posted, attackers can upload a var" New post on Jetpack: WordPress Security, Performance, and Growth Fake Plugin Alert: WordPress Plugin and User Backup Tool by Fioravante Souza Earlier in 2021, I shared how an attacker could leverage leaked or weak credentials to install fake plugins on a compromised site. Although the plugin featured in that blog post has shown some small changes since it was posted, attackers can upload a variety of malicious software using the same method; so in this article, I'll share with you another recent example (thanks to Luke Leal for sharing it with me). Read more of this post Fioravante Souza | July 1, 2021 at 11:00 am | Categories: Vulnerabilities | URL: https://wp.me/p1moTy-xbA Unsubscribe to no longer receive posts from Jetpack: WordPress Security, Performance, and Growth. Change your email settings at Manage Subscriptions. Trouble clicking? Copy and paste this URL into your browser: http://jetpack.com/2021/07/01/fake-plugin-alert-wordpress-plugin-and-user-backup-tool/ Thanks for flying with WordPress.com