Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Malicious WordPress Plugin Creates Hidden Admin User Backdoor
Malware and Vulnerabilities
June 23, 2025
sucuri
A malicious WordPress plugin named php-ini.php was discovered that conditionally created a malicious admin user on infected websites. The plugin mimicked the legitimate wpforms plugin but only included a single file.
Read More
WordPress
Publisher
Previous
Anubis Ransomware Lists Disneyland Paris as New Victim
Breaches and Incidents
Next
Critical Authentication Bypass Vulnerability in Telepor ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_356313212.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/8205_shutterstock_1940652364.jpg)
