Want a supercharged WordPress Site?


Just be careful what you wish for.

It appears that a plug-in called ToolsPack which claims to “Supercharge your WordPress site with powerful features…”  is actually a back door that allows hackers to run any command they want on your site.

The plug-in has recently been appearing in sites that have been hacked in other ways, hiding in plain site as a plug-in, hoping users will ignore it as genuine and therefore allowing full access to your site data at any time.

It you see this plug-in installed in your site, un-install it and then do all the usual review of your site to find any weaknesses – further information can be found here or your nearest friendly developer!

This entry was posted by Paul Sayer in Security.