Description
After a WordPress website is compromised, some attackers install a fake backdoor WordPress plugin to maintain access to the compromised website. This plugin is called Super Socialat and can be used to execute arbitrary PHP code.
The backdoor is present in the file /wp-content/plugins/super-socialat/super_socialat.php.
Remediation
Remove the Super Socialat backdoor plugin by deleting the file /wp-content/plugins/super-socialat/super_socialat.php.
References
Related Vulnerabilities
WordPress Plugin WordPress Popular Posts Multiple Vulnerabilities (5.3.2)
WordPress Plugin WPE Indoshipping Multiple Remote File Inclusion Vulnerabilities (2.5.0)
WordPress Plugin Yoast SEO Possible Remote Code Execution (9.1.0)
Horde Imp Unauthenticated Remote Command Execution
WordPress Plugin Dynamic Content for Elementor Remote Code Execution (1.9.5.6)