A supply chain attack has compromised three popular WordPress plugins, potentially allowing attackers to take control of websites that use them. The attack, discovered by the ecommerce security firm Sansec, targeted OptinMonster, TrustPulse, and PushEngage, all operated by the WordPress vendor Awesome Motive.