WordPress Easy WP SMTP zero-day Vulnerability Exposes Hundreds of Thousands of Sites to Hack

14 December 2020

Easy WP SMTP, a WordPress plugin, with more than 500,000 installations, allows one to configure and send all outgoing mails via a SMTP server, the major benefit of which is that the mails do not end up in the recipient’s junk/spam folder. The team managing this plugin had fixed a zero-day vulnerability affecting versions 1.4.2 (current version 1.4.4) and lower that would allow an unauthenticated user to reset the admin password which would enable the hacker to take complete control of the website.

Read full article on GBHackers

Date:

14 December 2020

Categorie(s):

NEWS

Tag(s):

Content-management Framework, Easy, Hacks, Open Source, Open Source Software

From Hackers to Streakers – How Counterintelligence Teams are Protecting the NFL – Joe McMann – ESW #35819 April 2024
Cybersecurity firm Wiz reportedly in talks to buy Lacework for $150M-$200M19 April 2024
Microsoft finds Kubernetes clusters targeted by OpenMetadata exploits18 April 2024
6 Best Free and Open-Source Web Application Firewalls18 April 2024
Ransomware feared as IT ‘issues’ force Octapharma Plasma to close 150+ centers18 April 2024