vulnerability

Hi there @windros,

apparently from here it connects through the XML-RPC protocol and begins to make continuous admin brute force logins with multiple bot-type ips but they are not blocked even if you configure it.?

I am not 100% sure I have understood the issue that you have mentioned. I’ll be glad to share this with our developers and see if they can research it further.

Could you please contact us via https://www.mailpoet.com/support/sales-pre-sales-questions/ and include a link to this thread?

Your request will be triaged accordingly when we receive it and we’ll be able to provide you with more information there.

Cheers

Thanks for responding, what it was stop doing it and what was apparently a bot continued doing it from the common admin login, mail poet disappeared, it seems that it used left tables but it stopped doing it to do it with anything. The only difference is that it did not use the admin login and i didnt see no more mail poet on the brute force. I delete every thing how ever it continues to do it

Right now I don’t have anything because in a month I changed my website 3 times, I would have to check to see if I have a screen shot. But as I remember the bot because it looked like a bot, it used WordPress-xmlrpc-client with i dont know like an output from mail poet, I delete every thing and changed the xmlrpc with a new file to discard changes and I put an ini rule set xmlrpc error 0 from a plugin that I bought, i set it in the ini, so it was quickly fixed by blocking the bot when trying to log in.

I will check if i got some screenshot i will send it.

Thanks!