Attention WordPress users! A significant security threat has emerged involving a malicious plugin creating a hidden administrator backdoor on affected websites. This critical vulnerability allows attackers to gain unauthorized and persistent full admin access without detection.
The exploit works by inserting code that establishes a secret entry point, bypassing standard login procedures and security measures. Once the backdoor is in place, the attackers can control your website, steal data, inject malicious code, redirect visitors, or completely compromise your online presence.
This highlights the immense importance of scrutinizing every plugin installed on your site. Even plugins with initially legitimate functions can be updated with harmful code or acquired by malicious actors. Falling victim to such a backdoor attack can have devastating consequences for your website security and reputation.
To protect your site, it is crucial to regularly audit your installed plugins and themes, ensuring they are from trusted sources and kept updated. Employing a robust security scanning solution that checks for known vulnerabilities and suspicious file changes is also highly recommended. If you suspect your site might be affected, immediate action is required to identify and remove the compromised plugin and the created hidden backdoor. Maintaining vigilant website security practices is your best defense against these sophisticated threats.
Source: https://blog.sucuri.net/2025/06/malicious-wordpress-plugin-creates-hidden-admin-user-backdoor.html
