Support » Plugin: MailPoet - emails and newsletters in WordPress » Security – Hacker send email via my admin-ajax.php

  • Hi,

    I face an issue since months. My site send emails dozens of times a day, to unknown recipients. After investigation, it appears that a hacker uses the file admin-ajax.php to send emails via my site.

    Log file : – [23/Sep/2019:01:06:01 +0200] “POST /wp-admin/admin-ajax.php HTTP/1.1” 200 25 “-” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.101 Safari/537.36”

    POST data :

    I used MailPoet Newsletters (wisija) V2.7.4 but this plugin is now desactivated and the name of the plugin folder has been changed (-OFF added).

    I have check my WP with Wordfence and no files has been modified.

    I have deny this IP in my HTACCESS but if the hacker change it, This will start again.

    Is there a way to fix this issue ?


    Previous on WP support

Viewing 4 replies - 1 through 4 (of 4 total)
  • Hi Jacques

    You could install a plugin to prevent starting wordpress files from outside the site.
    Also you can add the following line at the beginning of the file
    if ( ! defined( ‘ABSPATH’ ) ) exit; // Exit if accessed directly

    This is one of many solutions
    Also I would recommend to install “WP all in one security” which is a great secrutity plugin.

    Hi Peter,

    Thanks for your response.

    I added a test at the beginning of the admin-ajax.php file. If true => die. That works fine.


    Hi Jaques,

    Glad to be able to help you.
    Nice to read that your problem is resolved😀

    Plugin Author MailPoet


    Hi @sojahu,

    Please note this is the support forum for MailPoet 3 and not MailPoet 2.

    Please email our support team via support(at) with the full details of what you’ve found and we’d be happy to investigate.


Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.