Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites

Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites

The first StrictlyVC of 2026 hits San Francisco. Tickets are going fast. Register now. Save up to $680 on your Disrupt 2026 pass. Ends 11:59 p.m. PT tonight. REGISTER NOW. TechCrunch Desktop Logo TechCrunch Mobile Logo LatestStartupsVentureAppleSecurityAIApps EventsPodcastsNewsletters SearchSubmit Site Search Toggle Mega Menu Toggle Topics Latest Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites Zack Whittaker 11:31 AM PDT · April 14, 2026 Dozens of plug-ins for the widely used open source web blogging software WordPress are now offline after a backdoor was discovered in them, used to push malicious code to any website that relied on the plug-ins. The backdoor was discovered after a new corporate owner bought these plug-ins. Anchor Hosting founder Austin Ginder sounded the alarm in a blog post last week describing a supply chain attack on a WordPress

Source: https://techcrunch.com/2026/04/14/someone-planted-backdoors-in-dozens-of-wordpress-plugins-used-in-thousands-of-websites/