Support » Plugin: MailPoet Newsletters (Previous) » Huge exploit

  • A huge exploit caused serious problems to my server. All my websites (with or without mailpoet) hacked and i’m spending hours trying to detect and remove infected files uploaded on server. Totally unacceptable and frustrating.

    Also, very late response as you realized what was going on and informed users just a few weeks after the problem appeared.

    You have found and fixed the problem, but how we are going to clean our servers from all the rubbish? You should also find a solution for that!

Viewing 1 replies (of 1 total)
  • Plugin Author MailPoet


    Hi Marshall,

    First off, we’re truly sorry for what happened.

    Let me step back a little, so you understand our stand point.

    We are a small company of 10 guys with thousands of free users and paying customers affected by this.

    Every action we took followed the protocol accepted by the WordPress community. We interacted with all parties, and solved the security issue before it was publicly announced.

    We sent newsletters, published 2 blog posts, updated our Twitter account to announce that our plugin was finally secured. WordPress itself has been a regular target of hackers, and has proceeded in a similar way.

    The hack you experienced came a about week after we took all the steps.

    We’re putting the extra effort to help everyone in due time on support.

    From the users’ perspective, we can only recommend to keep perfect backups, and keep WordPress and plugins updated at all times. This is something that we have our hands off, unfortunately. Every week on support, we deal with users with zero backups.

    What happened this week to us has previously happened to themes and plugins before. Unfortunately, it will happen again. WordPress is a target because it has become so massive.

    I hope this clarifies the position we’re caught despite ourselves.

    Let us know if you need anything else:

Viewing 1 replies (of 1 total)
  • The topic ‘Huge exploit’ is closed to new replies.