DMR News


WordPress Plug-Ins Removed After Backdoor Discovered In Supply Chain Attack

By Jolyen

Apr 15, 2026


Dozens of plug-ins for WordPress have been taken offline after a backdoor was found that allowed attackers to distribute malicious code to websites using the affected tools. The issue emerged following a change in ownership of the plug-ins’ developer, raising concerns about software supply chain risks.

Backdoor Discovery And Attack Timeline

Austin Ginder reported the issue in a blog post, identifying a supply chain attack involving a plug-in developer called Essential Plugin. According to Ginder, the company was acquired last year, after which a backdoor was inserted into the plug-ins’ source code.

The malicious code remained inactive for months before activating earlier this month, at which point it began delivering harmful payloads to websites running the compromised plug-ins.

Scale Of Impact

Essential Plugin states it has more than 400,000 plug-in installs and over 15,000 customers across its product line. WordPress.org directory data indicates that the affected plug-ins were active on more than 20,000 websites at the time of the incident.

Plug-ins extend the functionality of WordPress sites, but they run as PHP code with the same privileges as WordPress core itself, including full access to the site's database and file system. A compromised plug-in therefore compromises the whole site, not just the feature it provides.

Ownership Changes And Security Risks

Ginder noted that WordPress does not notify users when a plug-in changes ownership. A new owner can therefore ship modified code through the normal update channel, and site operators who installed the plug-in under the previous owner have no signal that control has changed hands.

He added that this incident represents the second known case in recent weeks where a WordPress plug-in was taken over and altered to introduce harmful code.

Response And Mitigation Steps

The affected plug-ins have been removed from the WordPress directory and are now marked as permanently closed. However, Ginder warned that websites with the plug-ins already installed remain at risk: closing a plug-in in the directory stops further updates from being served, but it does not remove the plug-in from sites or stop the already-installed code from running.

Users are advised to review installed plug-ins and remove any affected versions. A list of compromised plug-ins has been published in Ginder’s blog post.
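The two checks the article points to, whether an installed plug-in is on the compromised list and whether a plug-in's ownership has changed under you, can be scripted against a site's wp-content/plugins directory. The following Python is an added example, not code from the article, from Ginder's post or from Essential Plugin: it parses the standard WordPress plug-in header block (Plugin Name, Plugin URI, Version, Author, Author URI), compares installed slugs against a list of affected slugs, and diffs the ownership fields against a baseline saved at the last audit, which is the notification WordPress.org itself does not send. The plug-in slugs, header values, baseline and affected list below are constructed placeholders; substitute the actual list published in Ginder's post.

```python
"""Added example: audit installed WordPress plug-ins for (1) membership in a
known-compromised list and (2) ownership changes since a saved baseline.
All slugs, header values and the affected list are constructed placeholders."""
import os
import re
import tempfile

# Fields WordPress reads from the header comment of a plug-in's main file.
HEADER_FIELDS = ("Plugin Name", "Plugin URI", "Version", "Author", "Author URI")
# Fields whose change most often signals a transfer of control.
OWNERSHIP_FIELDS = ("Author", "Author URI", "Plugin URI")


def parse_plugin_header(php_source):
    """Extract header fields the way WordPress does: look in the first 8 KiB,
    accept comment-prefix characters before the field name, strip trailing */."""
    head = php_source[:8192].replace("\r", "\n")
    meta = {}
    for field in HEADER_FIELDS:
        m = re.search(r"^[ \t/*#@]*" + re.escape(field) + r":(.*)$", head, re.M | re.I)
        if m:
            value = re.sub(r"\s*(?:\*/|\?>).*$", "", m.group(1).strip()).strip()
            meta[field] = value
    return meta


def scan_plugins_dir(plugins_dir):
    """Return {slug: header_meta} for each plug-in folder whose top-level PHP
    file carries a Plugin Name header (single-file plug-ins are skipped)."""
    found = {}
    for slug in sorted(os.listdir(plugins_dir)):
        folder = os.path.join(plugins_dir, slug)
        if not os.path.isdir(folder):
            continue
        for name in sorted(os.listdir(folder)):
            if not name.endswith(".php"):
                continue
            with open(os.path.join(folder, name), encoding="utf-8", errors="replace") as fh:
                meta = parse_plugin_header(fh.read(8192))
            if "Plugin Name" in meta:
                found[slug] = meta
                break
    return found


def compromised_installed(installed, affected_slugs):
    """Slugs that are both installed and on the published compromised list."""
    return sorted(set(installed) & set(affected_slugs))


def ownership_changes(baseline, current, fields=OWNERSHIP_FIELDS):
    """{slug: {field: (old, new)}} for plug-ins whose ownership fields differ
    from the baseline recorded at the previous audit."""
    changes = {}
    for slug, meta in current.items():
        old = baseline.get(slug)
        if old is None:
            continue  # newly installed since the baseline; nothing to compare
        diff = {f: (old.get(f), meta.get(f)) for f in fields if old.get(f) != meta.get(f)}
        if diff:
            changes[slug] = diff
    return changes


# Constructed sample plug-ins (hypothetical slugs and authors).
SAMPLE_PLUGINS = {
    "example-gallery": "<?php\n/*\nPlugin Name: Example Gallery\n"
                       "Plugin URI: https://example.com/gallery\nVersion: 2.3.1\n"
                       "Author: Original Dev\nAuthor URI: https://example.com\n*/\n",
    "example-forms": "<?php\n/**\n * Plugin Name: Example Forms\n"
                     " * Plugin URI:  https://plugins.example.net/forms\n * Version:     4.0.0\n"
                     " * Author:      New Owner LLC\n * Author URI:  https://plugins.example.net\n */\n",
}

# Constructed baseline from a previous audit: example-forms has since changed hands.
BASELINE = {
    "example-gallery": {"Plugin Name": "Example Gallery", "Plugin URI": "https://example.com/gallery",
                        "Version": "2.3.0", "Author": "Original Dev", "Author URI": "https://example.com"},
    "example-forms": {"Plugin Name": "Example Forms", "Plugin URI": "https://example.org/forms",
                      "Version": "3.9.2", "Author": "Example Forms Team", "Author URI": "https://example.org"},
}

AFFECTED_SLUGS = {"example-forms"}  # placeholder; use the list from Ginder's post


def build_sample_plugins_dir():
    """Write the constructed sample plug-ins to a temporary plugins directory."""
    root = tempfile.mkdtemp(prefix="wp-plugins-")
    for slug, src in SAMPLE_PLUGINS.items():
        os.makedirs(os.path.join(root, slug))
        with open(os.path.join(root, slug, slug + ".php"), "w", encoding="utf-8") as fh:
            fh.write(src)
    return root


def run_checks(plugins_dir, baseline, affected_slugs):
    installed = scan_plugins_dir(plugins_dir)
    return {"installed": installed,
            "compromised": compromised_installed(installed, affected_slugs),
            "ownership_changes": ownership_changes(baseline, installed)}


if __name__ == "__main__":
    report = run_checks(build_sample_plugins_dir(), BASELINE, AFFECTED_SLUGS)
    for slug in report["compromised"]:
        print(f"[REMOVE] {slug} is on the compromised list: wp plugin delete {slug}")
    for slug, diff in report["ownership_changes"].items():
        for field, (old, new) in diff.items():
            print(f"[REVIEW] {slug}: {field} changed {old!r} -> {new!r}")
```

Record the baseline at each audit and re-run after every update; a changed Author or Author URI is a reason to read the update's diff before trusting it, not proof of compromise. WP-CLI's `wp plugin verify-checksums` is a useful companion for spotting files altered on the server, but it compares against WordPress.org's copy of the release, so a backdoor shipped inside an official release, as described in this incident, passes that check.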


Featured image credits: Flickr
