WordPress Plugin Vulnerabilities

Pipdig Power Pack < 4.8.0 - Vendor Backdoors & Suspicious Code

Description

The p3 WordPress plugin was affected by a Vendor Backdoors & Suspicious Code security vulnerability.

Affects Plugins

Plugin icon
p3
Fixed in 4.8.0

References

URL
https://www.wordfence.com/blog/2019/03/peculiar-php-present-in-popular-pipdig-power-pack-plugin/
URL
https://www.jemjabella.co.uk/2019/security-alert-pipdig-insecure-ddosing-competitors/
URL
https://www.pipdig.co/blog/some-serious-accusations/

Miscellaneous

Original Researcher
Wordfence
Submitter
Ryan Dewhurst
Submitter website
https://wpscan.io
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
916fdfb3-4ee5-4bdc-be2e-02d5986d2856

Timeline

Publicly Published
2019-03-29 (about 7 years ago)
Added
2019-04-01 (about 7 years ago)
Last Updated
2019-11-25 (about 6 years ago)

Other

Published
Title
Published
2024-06-24
Title
Various Plugins - Injected Backdoor
Published
2020-02-27
Title
wpdefault - Backdoor Plugin
Published
2026-04-07
Title
Smart Slider 3 Pro 3.5.1.35 - Compromised Plugin
Published
2025-07-11
Title
GravityForms 2.9.11.1 / 2.9.12 - Malware Compromise
Published
2017-09-10
Title
Display Widgets 2.6.0-2.6.3.1 - Backdoored