Smart Slider updates hijacked to push malicious WordPress, Joomla versions

Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version ...

File read flaw in Smart Slider plugin impacts 500K WordPress sites

A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary files on the server.
The Hacker News

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Backdoored Smart Slider 3 Pro v3.5.1.35 update distributed for 6 hours via compromised infrastructure, enabling RCE and data ...

Top WordPress slider plugin hijacked to spread malware — here's what to look out for

A tainted version was pushed as an update to more than 800,000 active websites.
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Hosted on MSN

Around 500,000 WordPress websites could be at risk from crucial plugin security flaw

Smart Slider 3 WordPress plugin (used on 800,000 sites) carried Arbitrary File Read flaw enabling access to sensitive server files Vulnerability allowed even low-privileged accounts to exfiltrate ...
Searchenginejournal.com

WordPress Update 6.2.1 Causing Sites To Break

A recent WordPress security update featuring multiple security fixes is also causing some sites to stop functioning, causing one developer to exclaim, “This is chaos!!” The update removed a key ...
Arabian Post

Plugin trust crisis hits WordPress

More than 30 WordPress plugins tied to the developer Essential Plugin were taken offline after a hidden backdoor was found in code distributed to live websites, exposing site owners to unauthorised ...