Yesterday a blogpost on wordpress.org reported to have found some suspecious commits on popular plugins.AddThis, WPtouch, and W3 Total Cache were the ones.They were found to have cleverly disguised Backdoors.Wordpress.org said that the authors were not responsible for those and sent updates to plugins.
As nothing is known on what happened, wordpress.org, bbPress.org and BuddyPress.org would require you to change your password to use the forums, trac, or commit to a plugin or theme, for security.
As a user, make sure to never use the same password for two different services, and we encourage you not to reset your password to be the same as your old one.Matt Mullenweg said on WordPress blogpost.
Also if you use AddThis, WPtouch, or W3 Total Cache there is a possiblity that you could have updated to the affected version of the plugin.So you are advised to upgrade now to the latest available version.Always keep your WordPress installation and plugins updated.Stay Safe!
You may also want to know more simple ways to secure your WordPress site.
Stay updated with such news.Subscribe to our newsletter. Share your views in comments!