50,000 Websites Hacked Through MailPoet WordPress Plugin Vulnerability

Categories: Security NewsTech NewsWhats On

50,000 Websites Hacked Through MailPoet WordPress Plugin Vulnerability

The users of WordPress, a free and open source blogging tool as well as content management system (CMS), that have a popular unpatched wordPress plugin installed are being cautioned to upgrade their sites immediately.

A serious vulnerability in the WordPress plugin, MailPoet, could essentially allows an attacker to inject any file including malware, defacements and spam, whatever they wanted on the server and that too without any authentication.

MailPoet, formerly known as Wysija Newsletter, is a WordPress plugin with more than 1.7 million downloads that allows developers running WordPress to send newsletters and manage subscribers within the content management system.

In a blog post, the security researcher and CEO of the security firm Sucuri, Daniel Cid, pointed out the vulnerability to be serious and said that within three weeks since the vulnerability unveiled, over 50,000 websites have been remotely exploited by the cybercriminals to install backdoors targeting the vulnerable MailPoet plugin. Read more

Bohn Inc

Previous « Media hackers behind E-toll billing problems: Minister

Published by

Bohn Inc

Tags: CrimehackedHackersMailPoetSecurityWordpress

12 years ago

Security News

Bohn Inc Blog

50,000 Websites Hacked Through MailPoet WordPress Plugin Vulnerability

Recent Posts

Media hackers behind E-toll billing problems: Minister

After Takedown, GameOver Zeus Banking Trojan Returns Again

Smart LED Lightbulbs Can be Hacked too; Vulnerability exposes Wi-Fi Passwords

How To Jailbreak iOS 7.1 And 7.1.1 Untethered Using ‘Pangu’ Jailbreak Tool

New Banking Malware with Network Sniffer Spreading Rapidly Worldwide

Microsoft Seized No-IP Domains