• I recently upgraded my WordPress blog to the latest version. I also added some new plugins which included “Email Notification” plugin by Brian Groce. Shortly afterward, I starting receiving bounces from emails that were being sent out through my server, but not through me.

    I contacted Brian and heard back once from him. I noticed that data was being logged in the mySQL database from outside for this plugin. He verified that he knew that was happening, but that was all he knew about.

    I have since tried getting in touch with him again, but haven’t heard back. As a precaution, I disabled the plugin, however, I didn’t delete the plugin at the time. I also disabled the php-Myadmin plugin (just in case).

    Today, through my logs, I verified the email was being sent out through my server again. The logs showed that the perpetrator was using /maillist/index.php to send out the emails.

    If anyone wishes to discuss this with me, I would be glad to entertain any emails sent to

Viewing 4 replies - 1 through 4 (of 4 total)
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘EMAIL NOTIFICATION VUNERABILITY’ is closed to new replies.