The company behind the WPML Word Press plugin was forced to explain to its customers that a former employee had sent an erroneous email that stated the plugin had security issues.

Word Press developer OnTheGoSystems defended itself in a statement and on Twitter explaining there is nothing wrong with the plugin and that the email was sent by a disgruntled former employee who used an old SSH password and a backdoor he had created to hack into their system and send the email to the customer base.

“Many of our clients received very distressing emails about an exploit on WPML plugin. This email was sent from an intruder who got into our site and used our mailer. Obviously, that message was not sent from us. If you received such an email, please delete it. Following links in hacked emails can cause additional problems,” said WPML developer Amir Helzer.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.