IMPORTANT NOTICE FOR ANYONE USING WORDPRESS
(or if you know of someone who does, please pass this along)
**If you are currently an IDEAS Design client on our website protection plan you need not worry about this as all updates are immediate on the plan. MailPoet is also not a plug-in we install on our clients websites unless they specifically request it.**
This alert applies to WordPress websites using the popular MailPoet plugin. Immediate action is required for users of this plugin.
A major vulnerability in the popular WordPress plugin MailPoet is currently being widely exploited.
This vulnerability is allowing attackers to inject malware and other malicious code onto sites using outdated versions of the plugin. In fact, this vulnerability is so significant, attackers may be able to inject absolutely anything they want onto your site, leaving you and/or your business open to a number of dangers beyond a simple site hack.
It is important for us to stress that the ongoing, aggressive exploitation of this vulnerability is very large in scale, and the assumption should be that your WordPress site – if you’re using the plugin – will be targeted and exploited, if it has not already happened.
Please Take Action Now
If you are currently using MailPoet (or think you may be using it), please take immediate action to secure your website. Specifically, update the plugin if you haven’t done so already.
It is fixed in the version 2.6.7. Upstream changelog:
If you’re not sure if you use this plugin, we highly advise that you find out right away.
You can check and update your plugins through your WordPress dashboard, you will see a link for the Plugins in the left menu as shown highlighted below.
You can also visit the MailPoet plugin page here.
For more information on how to protect your site, whether its WordPress or any other site, Call us @ 954-522-7470