Given that just under half of all websites in the world are powered by the WordPress content management system, it’s no wonder cybercriminals are constantly looking for loopholes to exploit it. This past March, cybersecurity researchers at the hosting company GoDaddy described a campaign that began in 2016 and has since compromised more than 20 000 WordPress websites worldwide.
https://www.kaspersky.com/blog/dollyway ... tes/53506/