WordPress Plugin Backdoor: Why Your Trusted Tools Are a Risk
Why the EssentialPlugin WordPress Plugin Backdoor Feels Like the 2011 RSA/Lockheed Attack The Essential Plugin breach (CVE-2026-6443 on April 7, 2026) is a WordPress plugin backdoor attack, not a WordPress platform vulnerability. An anonymous buyer purchased the plugin suite on Flippa.com, planted backdoors in the update channel, and activated them across 400,000 sites. This follows...
