Accordion and Accordion Slider WordPress Plugin Backdoor Vulnerability
Vulnerability
A backdoor was injected into the Accordion and Accordion Slider WordPress plugin, specifically in version 1.4.6. The plugin was sold to a malicious actor, who embedded the backdoor; it allows unauthorized access to affected sites and the injection of spam into them. The backdoor was activated on April 5-6, 2026, after being dormant for eight months.
Impact
Exploitation gives an attacker unauthorized access to the WordPress site, and the backdoor can carry out malicious actions such as injecting spam or other harmful content. In this case, the backdoor was used to distribute SEO spam that was visible only to Googlebot, so site owners did not see it.
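A site owner can check for the Googlebot-only spam described above by comparing what the site serves to a browser with what it serves to a crawler User-Agent. The following is an added example, not part of the original advisory or the plugin's code. It assumes the spam is selected by the User-Agent header (the advisory does not say how Googlebot is recognized), and the hostnames and sample HTML are constructed.

```python
# Added example: list external links that appear only in the crawler-facing page.
from html.parser import HTMLParser
from urllib.parse import urlparse
from urllib.request import Request, urlopen

BROWSER_UA = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36"
GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"


class LinkCollector(HTMLParser):
    """Collect absolute http(s) href targets from anchor tags."""

    def __init__(self):
        super().__init__()
        self.links = set()

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href") or ""
            if urlparse(href).scheme in ("http", "https"):
                self.links.add(href)


def extract_links(html):
    parser = LinkCollector()
    parser.feed(html)
    return parser.links


def crawler_only_links(browser_html, crawler_html, site_host):
    """Return external links present only in the crawler-facing response."""
    extra = extract_links(crawler_html) - extract_links(browser_html)
    return sorted(u for u in extra if urlparse(u).hostname != site_host)


def fetch(url, user_agent):
    """Fetch a page from a site you administer with the given User-Agent."""
    req = Request(url, headers={"User-Agent": user_agent})
    with urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8", errors="replace")


# Constructed sample responses (assumption: not captured from a real site).
SAMPLE_BROWSER = '<html><body><a href="https://blog.example/about">About</a></body></html>'
SAMPLE_CRAWLER = ('<html><body><a href="https://blog.example/about">About</a>'
                  '<div><a href="https://spam.example/pills">cheap pills</a></div></body></html>')

if __name__ == "__main__":
    print(crawler_only_links(SAMPLE_BROWSER, SAMPLE_CRAWLER, "blog.example"))
```

For a live check, pass the results of `fetch(url, BROWSER_UA)` and `fetch(url, GOOGLEBOT_UA)` for a site you administer. An empty result does not rule out cloaking that recognizes crawlers by IP address rather than by User-Agent.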
Remediation
Users can update to version 1.4.6.1 or a newer patched version. For those with the Essential Plugin suite, a manual patch is available by removing the backdoor module and updating the version header.
