Former WPML employee hacks plugin website to spam customers
The website of popular WordPress plugin WPML has been restored after being hacked by a former employee, the plugin-maker OnTheGoSystems said Sunday. WPML said the incident caused it to lose client data, forced it to rebuild its server from scratch and prompted it to reset all customers’ passwords. OnTheGoSystems said that the plugin itself was not vulnerable and that payment information had not been exposed. We’re very sorry to report that our WEBSITE got hacked. Looks like an ex-employee backdoor. There is NO exploit in the WPML plugin we doublechecked. Payment information was NOT compromised as we don’t store this information. We strongly advise changing your WPML account password. — WPML (@wpml) January 20, 2019 WPML is a tool that WordPress users can purchase to run their websites in different languages. OnTheGoSystems says that more than 600,000 websites use the plugin. “This hack was not done via an exploit in WordPress, WPML or another plugin, but using this […]
The post Former WPML employee hacks plugin website to spam customers appeared first on CyberScoop.
Continue reading Former WPML employee hacks plugin website to spam customers