Doctor Web discovered a malicious Linux program that exploits websites running WordPress CMS. It exploits 30 vulnerabilities in a number of plugins and themes for this platform.
If the site uses outdated versions of one of these vulnerable add-ons are successfully exploited, the targeted page is injected with a malicious JavaScript that is downloaded from a remote server.
As a result, when the infected page is loaded, this JavaScript will be initiated first and when a user clicks on any area of a compromised page, they are redirected to other sites.
https://news.drweb.com/show/?i=14646&lng=en&c=23
Linux Backdoor Malware infects WordPress Sites