On July 4th, 2014 a vulnerability was discovered in the MailPoet Newsletters plugin for WordPress that allows code to be remotely injected into any sites that are running versions 2.6.7 or older.

Am I affected?

Thankfully, the developer of the MailPoet Newsletters plugin has released an update that resolves the security vulnerabilities. If you are running the latest version of MailPoet Newsletters which is currently version 2.6.8, you are NOT vulnerable. If you are running an older version of this plugin, you need to update immediately to prevent your site from becoming compromised.

What if I have become compromised?

We recommend to fully restore from any backups that you have previously made in the past to be safe, and update the MailPoet Newsletters plugin as soon as possible. If you do not have a backup that you can restore from, we recommend looking through your code for abnormalities.

How do I prevent this in the future?

There is no 100% way to avoid vulnerabilities, bit your best line of defense is to keep all plugins updated at all times which dramatically decreases your chances of running a vulnerable site.

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Support Center Login

Social Media Login

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Post a Comment

Email Address:
Phone Number:

Please note: Your name and comment will be displayed, but we will not show your email address.

0 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?


Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!