- What? Easy SMTP Plugin: version v1.3.9 – Vulnerable!
- When? The vulnerability, found in version v1.3.9, has been exploited by hackers since at least March 15 (11:00 am UTC), and was caught by the Web Application Firewall for WordPress, NinjaFirewall (WP Edition) as well as Cerber Security, Antispam & Malware Scan.
Recently a vulnerability was disclosed and patched in the popular WordPress plugin Easy WP SMTP. Hackers exploiting this vulnerability were able to inject malicious code using this critical zero-day vulnerability which allowed unauthenticated users to modify
WordPress options among other malicious actions. The popular Easy WP SMTP plugin has over 300,000+ active installations. Thousands of WordPress users were affected.
Safe Alternatives to Easy SMTP? WP Mail
No GlowFrog Hosting customers were affected by this hack, but we are still encouraging members of the GlowFrog Hosting family to ensure their plugins are up-to-date to help prevent future hacks.
We are sorry that this post was not useful for you!
Let us improve this post!
Tell us how we can improve this post?