A single threat actor appears to be behind a majority of the attacks on WordPress sites, researchers say. The attacks are focused on planting a backdoor on the victim site, they say. Many of the vulnerabilities the threat actor has targeted have been exploited in previous campaigns. The sheer volume and variety of attacks suggest the attacks are not targeted. The large-scale attacks are another reminder of the risks WordPress operators run in using third-party plug-ins on their sites, says a security expert at PerimeterX.”]
Source: https://www.darkreading.com/attacks-breaches/attacks-on-wordpress-sites-surge