How The WordPress Plugin Directory Handled A Plugin With Malicious Code
Most of the time, when a WordPress plugin in the Plugin Directory contains a security issue, it is due to poor coding rather than intentional action. But last week a case occurred where malicious code had been intentionally added to a plugin. While this isn't an everyday occurrence, it isn't unheard of: a previous case was discovered in January.
So what happened? On February 18 the first of two pieces of malicious code was added to version 0.9.8.8 of the plugin Custom Content Type Manager. On Tuesday, March 1st, public discussion began of websites being hacked through the malicious code that had been added to the plugin. By Saturday the people running the Plugin Directory had removed the plugin from the directory, which happens when they become aware of a security issue in the current version of a plugin, and released a new version, 0.9.9.9, which removed the malicious code.