Geeks for your information News Privacy & Security News v
Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users
Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
21 January 19, 14:16
Quote:Last night the web site for the WordPress Multilingual Plugin (WPML) WordPress plugin was hacked and users of the plugin started receiving receiving emails stating that the plugin is filled with vulnerabilities. According to WPML, this was caused by a ex-employee who left a backdoor in their site.

WPML is a plugin that allows you to add multilingual support to WordPress and according to their site is used by 600,000 users.

In a blog post by WPML developer Amir Helzer, the company explains that the hack and resulting spam emails were sent by an alleged ex-employee who left a backdoor in their site. Helzer went on to say that they have updated their site, rebuilt the code, and secured access to the admin account with 2FA.

Source: https://www.bleepingcomputer.com/news/se...ams-users/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
K-Lite Codec Pack 19.3.5 / 19.3.6 Update
Changes in 19.3.6:...harlan4096 — 11:55
AVG 25.12.10659
AVG 25.12.10659: ...harlan4096 — 11:54
Avast 25.12.10659
Avast 25.12.10659:...harlan4096 — 11:53
Microsoft Edge 143.0.3650.80
Version 143.0.3650...harlan4096 — 11:52
Audacity 3.7.7
Audacity 3.7.7 ...harlan4096 — 11:50

[-]
Birthdays
Today's Birthdays
avatar (41)Enlargedterrestrial20
Upcoming Birthdays
avatar (43)ivyhuv

[-]
Online Staff
There are no staff members currently online.

>