Bleeping Computer

Newsletter plugin bugs let hackers inject backdoors on 300K sites

Newsletter users are urged to update the plugin to the 6.8.3 version as soon as possible to block attacks designed to add rogue admins or to inject backdoors on their sites given that threat actors ...
Threat Post

Critical Vulnerability in WordPress Plugin Could Allow Site Takeover

Wordpress users that have the MailPoet newsletter plugin installed are being cautioned to upgrade immediately. WordPress users that have a popular plugin installed are being cautioned to upgrade ...
SecurityWeek

Year-Old WordPress Plugin Flaws Exploited to Hack Websites

Three critical-severity vulnerabilities in the GutenKit and Hunk Companion WordPress plugins have been exploited in a new campaign.
PC World

Critical vulnerability in popular WordPress newsletter plug-in endangers many blogs

A critical vulnerability found in a WordPress plug-in that has been downloaded over 1.7 million times allows potential attackers to take complete control of blogs that use it. The flaw is located in ...