13 Sep Security Alert: If you’re using the plug-in Display Widgets, remove it immediately.
If you have a plugin called “Display Widgets” on your WordPress website, remove it immediately. The last three releases of the plugin have contained code that allows the author to publish any content on your site. It is a backdoor.
The authors of this plugin have been using the backdoor to publish spam content to sites running their plugin. During the past three months the plugin has been removed and readmitted to the WordPress.org plugin repository a total of four times. The plugin is used by approximately 200,000 WordPress websites, according to WordPress repository.
Read the rest of the article from WordFence here.
Don’t know if you’re even using the Display Widget plug-in? Give us a call! We can help!