Malware Exploiting Vulnerability in Easy WP SMTP

  • Resolved willbot

    (@willbot)


    1 year, 10 months ago

    According to the following article, Easy WP SMTP is one of the plugins with vulnerabilities that are being exploited by backdoor malware:

    https://thehackernews.com/2023/01/wordpress-security-alert-new-linux.html

    This appears to be the same malware mentioned in an Ars Technica article mentioned in a previous forum post:

    https://www.ads-software.com/support/topic/backdoor-infection/

    Could you please address this serious issue.

    • Has the vulnerability been identified?
    • Has the vulnerability been fixed yet? If so, what version of Easy WP SMTP has the fix? If not, do you have an estimate of when it will be fixed?
    • What is being or has been done to address this?

    The company I work for has at least 14 websites that are using the Easy WP SMTP plugin. I have disabled it until we know that the vulnerability has been addressed. If the vulnerability is not addressed soon, we will be forced to switch to a different plugin.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Dake

    (@dakeg)

    Hi @willbot ,

    Thanks for reaching out to us and we truly understand your concern.

    The security issues referenced in those articles were already resolved in our previous versions. We recommend everyone always keep their plugins up to date. Please update to our latest version if you haven’t already done so.

    We apologize for the inconvenience, but rest assured that we are in the process of executing a full plugin review to ensure that something like this doesn’t occur in the future.

    If you have any additional questions or feedback, please feel welcome to let us know!

    Thanks!

    Thread Starter willbot

    (@willbot)

    Thanks for the update.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Malware Exploiting Vulnerability in Easy WP SMTP’ is closed to new replies.