Hackers Exploit Abandoned WordPress Plugin ‘Eval PHP’ to Compromise Websites

Cybersecurity firm Sucuri has uncovered a new wave of attacks targeting WordPress websites by exploiting an abandoned plugin called Eval PHP. The plugin hasn’t been updated for more than a decade, allowing it to become a powerful tool for hackers, who use it to inject backdoors into websites to gain unauthorized access. Eval PHP was initially designed to let users execute PHP code within their WordPress posts and pages. However, the plugin has long been considered abandonware, with its develop