You searched for mailpoet

WordPress Websites Continue to Get Hacked via MailPoet Plugin Vulnerability

Daniel Cid
October 9, 2014

The popular Mailpoet(wysija-newsletters) WordPress plugin had a serious file upload vulnerability a few months back, allowing an attacker to upload files to vulnerable sites. This…

Tony Perez
July 28, 2014

Many don’t know who I am. My name is Tony Perez, I’m the CEO of Sucuri. I have the pleasure of calling this company my…

Daniel Cid
July 23, 2014

A few weeks ago we found and disclosed a serious vulnerability on the MailPoet WordPress Plugin. We urged everyone to upgrade their sites immediately due…

Daniel Cid
July 1, 2014

Marc-Alexandre Montpas, from our research team, found a serious security vulnerability in the MailPoet WordPress plugin. This bug allows an attacker to upload any file…

0day Vulnerability in Easy WP SMTP Affects Thousands of Sites

Marc-Alexandre Montpas
March 21, 2019

The Easy WP SMTP plugin authors have released a new update, fixing a very critical 0day vulnerability. When leveraged, this vulnerability gives unauthenticated attackers the…

WordPress Malware – VisitorTracker Campaign Update

Daniel Cid
September 30, 2015

For the last 3 weeks we have been tracking a malware campaign that has been compromising thousands of WordPress sites with the VisitorTracker malware code.…

FBI Public Service Annoucement: Defacements Exploiting WordPress Vulnerabilities

Daniel Cid
April 7, 2015

The US Federal Bureau of Investigation (FBI) just released a public service announcement (PSA) to the public about a large number of websites being exploited…

Mickael Nadeau
October 30, 2014

If you’re using the popular WP eCommerce WordPress plugin (2,900,000 downloads), you should update it right away. During a routine audit for our Website Firewall…

Keir Desailly
October 23, 2014

Most authors of website malware usually rely on the same tricks, making it easy for malware researchers to spot obfuscated code, random files that don’t…

The WordPress Security Plugin Ecosystem

Tony Perez
September 16, 2014

As a child, did you ever play that game where you sit in a circle and one person is responsible for whispering something into one…

David Dede
August 15, 2014

As avid readers of this blog know, we’ve discovered or written about multiple vulnerabilities within the WordPress ecosystem over the last couple of weeks specifically…

mailpoet

WordPress Websites Continue to Get Hacked via MailPoet Plugin Vulnerability

Responsible Disclosure – Sucuri Open Letter to MailPoet and Future Disclosures

MailPoet Vulnerability Exploited in the Wild – Breaking Thousands of WordPress Sites

Remote File Upload Vulnerability in WordPress MailPoet Plugin (wysija-newsletters)

0day Vulnerability in Easy WP SMTP Affects Thousands of Sites

WordPress Malware – VisitorTracker Campaign Update

FBI Public Service Annoucement: Defacements Exploiting WordPress Vulnerabilities

Security Advisory – Medium Severity – WP eCommerce WordPress Plugin

Manipulating WordPress Plugin Functions to Inject Malware

The WordPress Security Plugin Ecosystem

Thoughts on WordPress Security and Vulnerabilities