Cybersecurity firm Sucuri has uncovered a new wave of attacks targeting
WordPress websites by exploiting an abandoned plugin called Eval PHP.
WordPress websites by exploiting an abandoned plugin called Eval PHP.
The plugin hasn’t been updated for more than a decade, allowing it to become a
powerful tool for hackers, who use it to inject backdoors into websites to gain
unauthorized access.
Eval PHP was initially designed to let users execute PHP code within their
WordPress posts and pages. However, the plugin has long been considered
abandonware, with its develop