Bleeping Computer

Attackers use abandoned WordPress plugin to backdoor websites

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an old WordPress plugin that allows site admins to embed PHP ...
TechRadar

This old WordPress plugin is being used to hack compromised websites

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Update: The WordPress Plugin Team has confirmed to TechRadar Pro that the Eval PHP plugin has ...
ZDNet

PHP Everywhere code execution bugs impact thousands of WordPress websites

Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in ...