Yikes, this is scary. Thomas J. Raef reports that WordPress management consoles such as ManageWP, WPUmbrella, and MainWP have been used to compromise connected child sites. It seems the exact way the parent sites are being compromised is not certain, but possibly from site admins using open WiFi networks. There isn’t an indication that ManageWP, WPUmbrella, or MainWP themselves have been hacked.
WordPress Sites Attacked Via Management Consoles
Thomas Raef @ wewatchyourwebsite.com • 8 months ago