Skip to main content

WordPress websites compromised by plug-in flaw

An estimated 50,000 websites ware compromised so far, due to MailPoet Newsletter plug-in flaw.

The security flaw allows attackers to upload PHP files on the server and take control of the website.
The flaw was fixed in the version 2.6.7 of the plug-in, so be sure you update it, if using.

The Web security firm Sucuri also spotted injection attacks on vulnerable websites, PHP backdoor files being injected into thousand of WordPress websites