The subject says it all.
Maybe offer an additional toggle in Defender Pro > Recommendations settings to disallow the plugin’s installation?
###
I’ve had several of my clients’ websites compromised within the past year or so. The WP Code plugin is simply too powerful for the WP Repo, IMHO.
The attacker:
– uses a compromised u/n & pass
– installs the WP Code plugin
– adds code that hides any evidence of the plugin’s installation
– does their damage
I’m not certain what damage they’re actually doing though, and I’m still unsure on that. The site will start having weird oddities, but still runs as expected.
Something “deep” has to be happening in the background, as there’s too much involved to not be doing something that sneaky.
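An added example, not part of the original post and not code from any plugin: the hiding step described above targets what the dashboard shows, so one defensive check is to list plugins straight from the `wp-content/plugins` directory and compare them with an approved list. The approved slugs and the sample tree are constructed, and the check assumes the hiding code leaves the plugin's files on disk.

```python
import re
import tempfile
from pathlib import Path

# WordPress identifies a plugin by a "Plugin Name:" header near the top of a PHP file.
HEADER_RE = re.compile(rb"^[ \t/*#@]*Plugin Name:[ \t]*(.+?)[ \t\r]*$", re.M | re.I)

def plugin_name(php_file):
    """Return the Plugin Name header from the first 8 KB of php_file, or None."""
    try:
        with open(php_file, "rb") as fh:
            match = HEADER_RE.search(fh.read(8192))
    except OSError:
        return None
    return match.group(1).decode("utf-8", "replace") if match else None

def installed_plugins(plugins_dir):
    """Map slug -> plugin name for everything on disk, whatever wp-admin shows."""
    found = {}
    for entry in sorted(Path(plugins_dir).iterdir()):
        if entry.is_dir():
            slug, candidates = entry.name, sorted(entry.glob("*.php"))
        elif entry.suffix == ".php":
            slug, candidates = entry.stem, [entry]
        else:
            continue
        for php in candidates:
            name = plugin_name(php)
            if name:
                found[slug] = name
                break
    return found

def unexpected_plugins(plugins_dir, approved_slugs):
    """Plugins present on disk whose slug is not on the approved list."""
    on_disk = installed_plugins(plugins_dir)
    return {slug: name for slug, name in on_disk.items() if slug not in approved_slugs}

def build_sample_tree(root):
    """Constructed sample: two approved plugins plus one nobody approved."""
    layout = {"contact-form/contact-form.php": "Contact Form",
              "seo-tools/seo-tools.php": "SEO Tools",
              "example-snippets/example-snippets.php": "Example Snippets",
              "index.php": None}  # WordPress ships a header-less index.php here
    for rel, name in layout.items():
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text("<?php\n/**\n * Plugin Name: %s\n */\n" % name if name else "<?php\n// Silence is golden.\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(unexpected_plugins(tmp, {"contact-form", "seo-tools"}))
```

Run it from outside WordPress (over SSH or against a backup copy), pointing `unexpected_plugins` at the site's real `wp-content/plugins` path.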