Bleeping Computer

Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks

More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account. Post SMTP is a popular email delivery ...

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

More than 30 WordPress plugins were shut down after a supply-chain backdoor compromised thousands of sites through the ...
Bleeping Computer

Hackers exploit WordPress plugin Post SMTP to hijack admin accounts

Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.