by Paul Ducklin on June 22, 2011 | Leave a comment
Filed Under: Data loss, Featured, Malware, Privacy, Social networks, Vulnerability
WordPress just announced that the source code of three plugins for its popular blog-hosting software was maliciously modified.
Plugins consist of add-in modules which you install on your WordPress server in order to implement additional functionality, instead of writing all the needed code yourself
According to WordPress, the modified plugins were Trojanised to include backdoors.
The features to check:
* If you run your own installation of the WordPress platform.
* You use one of these plugins: AddThis, WPtouch, or W3 Total Cache.
* You updated your installed copy of one of those plugins in the past 48 hours from wordpress.org.