“Users have been left wondering whether they should continue trusting their own WordPress site, after it was revealed that software developers had administrative access to sites through code hidden behind a popular plugin.” – This seems to be isolated ton one plugin developer, but I wonder if we will see more of this.

Read More Here: https://portswigger.net/daily-swig/hidden-code-gives-plugin-developers-admin-access-to-wordpress-sites