WordPress: Security Update Required for Trojanized Plugins

WordPress just announced that the source code of three plugins for its popular blog-hosting software was maliciously modified. Plugins consist of add-in modules which you install on your WordPress server in order to implement additional functionality, instead of writing all the needed code yourself.

Where you might use a DLL with a Windows program - for example, to add a feature such as SSL support or an edit control into an existing application - you'd use a plugin with WordPress.

DLLs are usually written in a language such as C or C++ and compiled into native machine code; WordPress plugins are generally written in a mixture of JavaScript, PHP, HTML and CSS.

The link for this article located at Sophos is no longer available.