Dossier
arbitrary code injection
Coverage of arbitrary code injection in the Nexus archive.
- Popular WordPress redirect plugin hid dormant backdoor for years
The Quick Page/Post Redirect WordPress plugin, used by over 70,000 sites, contained a hidden backdoor added five years ago that enabled attackers to inject arbitrary code into users' websites.