HostMonster Web Hosting Help
Emergency WordPress Plugin Update: MailPoet
The WordPress plugin, MailPoet Newsletters, versions prior to 2.6.8, have been found to be vulnerable to unauthenticated file uploads. This means that hackers are able to use this plugin to upload malicious content to your hosting account. On July 22nd 2014 we began manually updating all outdated versions of the MailPoet Newsletters plugins. This update should not have any negative affects to your WordPress site.
Is my WordPress installation up-to-date?
If your Plugin is not up-to-date you will be prompted, in your Dashboard, to update to the latest version.
If you would like to manually check the version you are running, you will need to do the following:
- Login to your WordPress Dashboard.
- Click Plugins.
- Locate MailPoet Newsletter plugin in your list of installed plugins.
- The version number will be listed to the right of the plugin name, ensure it is 2.6.9.
How can I protect myself from future exploits?
The best thing to do is to keep your software up to date. Frequently checking for and applying core software (e.g. WordPress) updates as well as Plugin and Theme updates will help keep your software secure. You may also want to look into using a security service such as SiteLock or CloudFlare