WP Beacon

← All acquirers

WidgetLogics (malicious takeover) malicious

1 mapped plugins · 1 currently tracked · 100k+ active installs combined · 1 closed · 1 audit

⚠ Confirmed malicious campaign

Acquired widget-logic 2024-06, registered widgetlogic.org as fresh C2 domain, weaponized 2 months later via external JS callback. See https://anchor.host/how-i-caught-a-wordpress-plugin-supply-chain-attack/

Flagged 18h ago.

Plugin Prior owner Acquired Installs Last release Status
Widget Logic
widget-logic
 Alan Trewartha 2024-06-06 100k+ Closed

Linked audits (1)

# Plugin Verdict Cleanup Started Closed
#10 Widget Logic Malicious closed_by_wporg 10d ago 10d ago

IOCs from this campaign (8)

Kind Value Confidence From audit
code_pattern widget_logic_getServiceVersion high #10
code_pattern widget-logic_live_match_widget high #10
code_pattern WORDPRESS_PLUGIN_WGL_BASE_URL high #10
domain widgetlogic.org high #10
filename widget_cfg.php high #10
url https://widgetlogic.org/v2/js/data.js high #10
changelog_phrase source of sports information medium #10
code_pattern live_match_widget medium #10