Risky Bulletin Newsletter
March 31, 2025
Risky Bulletin: Hackers abuse secret WordPress feature you'll probably want to disable
Presented by

News Editor
Hackers are abusing a little-known WordPress feature named Must Use Plugins to install and hide malware from site administrators.
Also known as mu-plugins, the Must Use Plugins feature was added to the WordPress CMS in 2022.
Plugins placed in a special folder named /mu-plugins are automatically installed and enabled on a website without users needing to manually approve them.