Zero-Day In WordPress SMTP Plugin Abused By Two Hacker Groups

By   ISBuzz Team
Writer , Information Security Buzz | Mar 22, 2019 08:30 am PST

It has been reported that a zero-day WordPress plugin has been exploited in the wild by at least two hacker groups. The vulnerability can be used to change site settings, create admin accounts to use as backdoors and then hijack traffic from the hacked sites. 

Satnam Narang, Senior Research Engineer at Tenable:

isbuzz expert 10“According to Web Technology Surveys (w3techs), WordPress has a market share that’s larger than all other content management systems (CMS) combined, as it is used by one third of all websites. Because of its sheer dominance in the CMS space along with the presence of many WordPress plugins, WordPress sites are a ripe target for cybercriminals. In this case, the Easy WP SMTP plugin has over 300,000 active installations and despite the availability of a patch for it, there are reports that attackers continue to target sites running the vulnerable plugin. The vulnerability exists in version 1.3.9 of the plugin, so users running older versions of the plugin are not vulnerable. However, all users, especially those using 1.3.9, should update to the latest version of the plugin, as soon as possible.”