WebPagetest Forums

Full Version: Check your wordpress plugins [security alert]
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Looks like wordpress.org got hacked and the hackers got in and compromised a bunch of plugins (including W3TC). If you updated your plugins during the exposed period you'll want to make sure to update again to get the fixed versions.

Sorry, don't know more - just relaying what I've been reading: http://wordpress.org/news/2011/06/passwords-reset/

I haven't seen any information about what the malicious code did that was installed into the plugins - it could have been a benign back door or it could have wreaked all sorts of havoc while it was running.
Reference URL's