Security News > 2016 > March > Popular WordPress plugin opens backdoor, steals user credentials (Help Net Security)

If you are one of the 10,000+ users of the Custom Content Type Manager (CCTM) WordPress plugin, consider your site to be compromised and proceed to clean your installation up, Sucuri Security researchers have warned. After finding “a very suspicious auto-update.php file inside wp-content/plugins/custom-content-type-manager/ during the cleanup on an infected WP site, the researchers have begun digging, and discovered that: The file in question is a backdoor that can download additional files from a third-party … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/r8ayM4XusxA/