Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users
The website of the WordPress Multilingual Plugin (WPML) was hacked by an ex-employee over the weekend. As part of the attack, the threat actor sent an email to the 600,000 WPML customers claiming that the plugin for multilingual website support is riddled with “ridiculous security holes”, which caused two of the attacker’s websites to be “hacked.” In line with this message, the threat actor changed the WPML website so that it listed “security holes” as one of the plugin’s features.
In a blog post, WPML blamed the incident on a former employee who compromised the service through a backdoor (s)he had built into the site. The developer stated that it has removed the backdoor and secured the website.