Hackers have come up with a new method of installing backdoored plugins on websites running the open-source WordPress CMS. The technique relies on weakly protected WordPress.com accounts and the Jetpack plugin. The number of compromised sites is unknown, and detecting compromised sites is also difficult. Hackers are using these backdoors to redirect users to spam and tech support scams. Attackers can easily upload a ZIP file containing malicious code, which then gets sent to each site.
Source: https://www.bleepingcomputer.com/news/security/hackers-find-new-method-of-installing-backdoored-plugins-on-wordpress-sites/

