The same as above. This plugin was injected into a client site and created a redirect. It was detected by security but when it was removed the site went down. The question here is how are the hackers delivering the plugin to sites that do not have it installed?
