MailPoet Newsletters WordPress plugin vulnerability – update immediately Updated on August 16, 2021 by Jeff Matson 0 Minutes, 55 Seconds to Read On July 4th, 2014 a vulnerability was discovered in the MailPoet Newsletters plugin for WordPress that allows code to be remotely injected into any sites that are running versions 2.6.7 or older. Am I affected? Thankfully, the developer of the MailPoet Newsletters plugin has released an update that resolves the security vulnerabilities. If you are running the latest version of MailPoet Newsletters which is currently version 2.6.8, you are NOT vulnerable. If you are running an older version of this plugin, you need to update immediately to prevent your site from becoming compromised. What if I have become compromised? We recommend to fully restore from any backups that you have previously made in the past to be safe, and update the MailPoet Newsletters plugin as soon as possible. If you do not have a backup that you can restore from, we recommend looking through your code for abnormalities. How do I prevent this in the future? There is no 100% way to avoid vulnerabilities, bit your best line of defense is to keep all plugins updated at all times which dramatically decreases your chances of running a vulnerable site. Share this Article Related Articles SpamAssassin: Fighting Spam How to Configure Mailbox Quota Notifications How to Import Email Accounts and Forwarders into cPanel How to Login to SquirrelMail Set Up MX and SPF Records for InMotion Hosting Professional Email How to Purchase InMotion Hosting Professional Email in AMP How to Fix the “550 No Such User Here” Email Error How to Setup an Email AutoResponder in cPanel Logging into Horde How to Change an Email Password in cPanel and Webmail
