WordPress and other CMS

Vulnerability in WordPress plugin MailPoet

Leave a comment

A newly-identified bug in the popular WordPress plugin MailPoet exposes to hijacking any site using the plugin.

WordPress site admins who manage sites using MailPoet should upgrade to version 2.6.7 as soon as possible to avoid problems. WordPress sites are an extremely tempting target for nefarious hackers and news of this vulnerability has undoubtedly spread rapidly among them.

Update 2014Jul24: According to Sucuri, once a web server has been compromised via this MailPoet vulnerability, all sites on the server are vulnerable, including sites not even running WordPress or MailPoet. Ars Technica has more.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

View all posts by jrivett | Website

Leave a Reply

Your email address will not be published. Required fields are marked *