In the last two weeks, the WordPress repository has closed three plugins because they contained content-injection backdoors. “Closing” a plugin means that it is no longer available for download from the repository, and will not show up in WordPress.org search results. Each of them had been purchased in the previous six months as part of the same supply chain attack, with the goal of injecting SEO spam into the sites running the plugins.
These are the 3 WordPress plugins. If you have any of these plugins, I recommend you to remove them immediately. See link below for comprehensive details.
These are the 3 WordPress plugins. If you have any of these plugins, I recommend you to remove them immediately. See link below for comprehensive details.
- Duplicate Page and Post
- NoFollow All External Links
- WP No External Links