• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Search Results for: mailpoet

October 9, 2014Daniel Cid

WordPress Websites Continue to Get Hacked via MailPoet Plugin Vulnerability

The popular Mailpoet(wysija-newsletters) WordPress plugin had a serious file upload vulnerability a few months back, allowing an attacker to upload files to vulnerable sites. This issue was disclosed months ago and the MailPoet team patched it promptly. It seems, though, that many website owners have…

Read More about WordPress Websites Continue to Get Hacked via MailPoet Plugin Vulnerability

July 28, 2014Tony Perez

Responsible Disclosure – Sucuri Open Letter to MailPoet and Future Disclosures

Many don’t know who I am. My name is Tony Perez, I’m the CEO of Sucuri. I have the pleasure of calling this company my family and everyday I work…

Read More about Responsible Disclosure – Sucuri Open Letter to MailPoet and Future Disclosures

July 23, 2014Daniel Cid

MailPoet Vulnerability Exploited in the Wild – Breaking Thousands of WordPress Sites

A few weeks ago we found and disclosed a serious vulnerability on the MailPoet WordPress Plugin. We urged everyone to upgrade their sites immediately due to the severity of the…

Read More about MailPoet Vulnerability Exploited in the Wild – Breaking Thousands of WordPress Sites

July 1, 2014Daniel Cid

Remote File Upload Vulnerability in WordPress MailPoet Plugin (wysija-newsletters)

Marc-Alexandre Montpas, from our research team, found a serious security vulnerability in the MailPoet WordPress plugin. This bug allows an attacker to upload any file remotely to the vulnerable website…

Read More about Remote File Upload Vulnerability in WordPress MailPoet Plugin (wysija-newsletters)

WordPress Vulnerability Detail

March 21, 2019Marc-Alexandre Montpas

0day Vulnerability in Easy WP SMTP Affects Thousands of Sites

The Easy WP SMTP plugin authors have released a new update, fixing a very critical 0day vulnerability. When leveraged, this vulnerability gives unauthenticated attackers the power to modify any options…

Read More about 0day Vulnerability in Easy WP SMTP Affects Thousands of Sites

September 30, 2015Daniel Cid

WordPress Malware – VisitorTracker Campaign Update

For the last 3 weeks we have been tracking a malware campaign that has been compromising thousands of WordPress sites with the VisitorTracker malware code. We initially posted some details…

Read More about WordPress Malware – VisitorTracker Campaign Update

April 7, 2015Daniel Cid

FBI Public Service Annoucement: Defacements Exploiting WordPress Vulnerabilities

The US Federal Bureau of Investigation (FBI) just released a public service announcement (PSA) to the public about a large number of websites being exploited and compromised through WordPress plugin…

Read More about FBI Public Service Annoucement: Defacements Exploiting WordPress Vulnerabilities

October 30, 2014Mickael Nadeau

Security Advisory – Medium Severity – WP eCommerce WordPress Plugin

If you’re using the popular WP eCommerce WordPress plugin (2,900,000 downloads), you should update it right away. During a routine audit for our Website Firewall (WAF), we found a dangerous…

Read More about Security Advisory – Medium Severity – WP eCommerce WordPress Plugin

October 23, 2014Keir Desailly

Manipulating WordPress Plugin Functions to Inject Malware

Most authors of website malware usually rely on the same tricks, making it easy for malware researchers to spot obfuscated code, random files that don’t belong, and malicious lines injected…

Read More about Manipulating WordPress Plugin Functions to Inject Malware

September 16, 2014Tony Perez

The WordPress Security Plugin Ecosystem

As a child, did you ever play that game where you sit in a circle and one person is responsible for whispering something into one persons ear, and that message…

Read More about The WordPress Security Plugin Ecosystem

August 15, 2014David Dede

Thoughts on WordPress Security and Vulnerabilities

As avid readers of this blog know, we’ve discovered or written about multiple vulnerabilities within the WordPress ecosystem over the last couple of weeks specifically relating to popular plugins. MailPoet…

Read More about Thoughts on WordPress Security and Vulnerabilities

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.