Bleeping Computer: Backdoor Found in WordPress Plugin With More Than 200,000 Installations

Bleeping Computer: Backdoor Found in WordPress Plugin With More Than 200,000 Installations. “For the past two and a half months, a WordPress plugin named Display Widgets has been used to install a backdoor on WordPress sites across the Internet. The backdoor code was found between Display Widgets version 2.6.1 (released June 30) and version 2.6.3 (released September 2).”