Purple Team
Published in

Purple Team

A bug in a WordPress plugin leaves 20,000 websites at risk of phishing attacks

Retrieved from cloudways.com

The WordPress WP HTML Mail plugin is susceptible to a high-severity issue that can result in code injection and the deployment of believable phishing emails. This plugin is used by over 20,000 websites and allows you to create customized emails, contact form alerts, and other messages that online platforms send to their users.




Help cybersecurity professionals to enhance their knowledge.

Recommended from Medium

Google reveals a large-scale phishing campaign aimed at YouTubers.

What is a VPN?

{UPDATE} Hey Jumper! Hack Free Resources Generator

Thousands of Pentagon contractors could buckle under cybersecurity push

EBI Security Guide


Cyber tips for the new work-from-home reality

Scan web contents with DIRB

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
David Artykov

David Artykov

Cybersecurity Professional

More from Medium

1.6 Million WordPress Sites Have Been Attacked

Where in the World is Carmen Sandiego: Abusing Location Services on macOS

Regulating crypto could create American super apps

A burning smartphone against a black background