WordPress plugin on their site, make sure that you upgrade to the version. This is security issue and you should not ignore or delay.. All versions prior to version 9.9.7 of the plugin contain backdoor that allows unauthenticated attackers or users to execute PHP code on sites with. After some deobfuscation, this was the result add action { register rest route { $args = $request->get params if && empty && isset && empty ) { eval } }, ) ) } ).. The investigation indicated that the owners of the sites did not get their copies of. The School Management Pro plugin from Weblizar, and rather from source which is the cause of these types of problems. after some confirmation, that was proven to be incorrect.. Soon after they were informed, the vendor removed the malicious code and updated the plugin.. This issue was first reported by Jetpack blog and check out their blog post.. Trust me, I've learned the hard way. 3 ) you can either enable the auto-update feature or install security plugin like Jetpack Security, Sucuri, or Wordfence..
Read more