Mon Mar 25 12:03:32 NZDT 2019
'Attackers have been actively exploiting serious vulnerabilities in
two widely used WordPress plugins to compromise websites that run the
extensions on top of the content management system.
The two affected plugins are Easy WP SMTP with 300,000 active
installations and Social Warfare, which has about 70,000 active
installations. While developers have released patches for both
exploited flaws, download figures indicate many vulnerable websites
have yet to install the fixes. Figures for Easy WP SMTP, which was
fixed five days ago, show the plugin has just short of 135,000
downloads in the past seven days. Figures for Social Warfare show it
has been downloaded fewer than 20,000 times since a patch was
published on WordPress on Friday. Sites that use either plugin should
disable them immediately and then ensure they have been updated to
version 126.96.36.199 of Easy WP SMTP and 3.5.3 of Social Warfare.'
-- source: https://arstechnica.com/information-technology/2019/03/two-serious-wordpress-plugin-vulnerabilities-are-being-exploited-in-the-wild/
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
More information about the wlug
NOTICE: This is an archive of a public mailing list. The University of Waikato is not responsible for its contents.