This section describes the installation of a fake plugin Super Socialat spreading in WordPress.

The most increasing hacker exploits as of 2024 super_socialat.php

The most common hacker malicious access detected by WordPress Doctor today is access to the following URL

/wp-content/plugins/super-socialat/super_socialat.php

This file is a rogue plugin installed by a hacker on a WordPress site that has already been compromised due to a vulnerability in WordPress or a password that has been broken , and another hacker is accessing the site with this plugin in an attempt to further hack it The following is a list of the most common problems with this plugin.

Thus, a WordPress site can be targeted by multiple hackers in a successful hacking attempt, and multiple hackers can embed large amounts of backdoors and malware into the site. In this case, a large number of low-quality programs can be embedded in the server, which can cause the site to fail to display or cause other negative effects at an accelerated rate.

What is Super Socialat?

This plugin does not exist in the official WordPress directory, nor in any paid plugins. However, a plugin called Super Socializer does exist, and Super Socialat disguises itself by outputting the same name and description as that plugin.

The folder name of the legitimate plugin called Super Socializer is super-socializer.

The folder name of the fake Super Socialat malware is super-socialat.

What if I am infected with the Super Socialat plugin?

If you see the Super Socializer plugin in the list of plugins in the WordPress admin screen and its folder name (plugin slug) is super-socialat, this plugin is a fake plugin that is actually a backdoor that allows users to edit, delete, or add files. This is a type of malware called a backdoor that can edit, delete, and add files.
We recommend that you stop the plug-in immediately, delete the folder, and check for other malware embedded in the plug-in.

Free WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].

Next, we will also take steps to close vulnerabilities.

Reference Minimum security precautions for WordPress sites

We recommend that malware scanning and security measures be performed on all sites on the server.

Reference Points to keep in mind when dealing with malware infection (tampering) of multiple WordPress sites across the server.