Mailpoet a popular WordPress plugin, has found to have a vulnerability that would allow someone to install malicious code into your website. The plugin has already been fixed but with so many users everyone who is using this plugin needs to update it to the immediate version to protect yourself from the vulnerability. However, something interesting that has been brought up is that popular plugins like this do no sort of announcement when a vulnerability has been found and this is quite concerning.
WordPress being the most popular content management system on the market comes with at lot of users a lot of themes and a lot of plugins but vulnerabilities like this are handled very poorly by the authors of these plugins. If WordPress finds an issue they announce it right away and they work to patch it when a plugin is found the author or the company behind it don’t announce it they keep it hidden. The reason for this is who is going to download a plugin with a history of security issues so they try to conceal it by not announcing it and instead just release a patch for it a silent fix.
What should be happening is that they announce there is an issue they want everyone to switch to the newest version and then they will but the way that it is being handled as of late is quite concerning the companies simply don’t care anymore about the users they just want more downloads for their plugin.
What you the user can be doing to protect yourself is if there is an update for anything your WordPress website user whether it be the theme, the plugins, the WordPress core itself you need to update it. If you are worried about and old plugin not working find a replacement there are literally thousands of plugins out there you are bound to find another one that can do what your old one did and probably even better. Make sure to have some sort of security plugin installed to protect yourself from common attack and to protect your end users from malicious attacks as well.
Further more use a safe and reliable host who can keep your website safe and don’t use any random plugin you find without making sure it has a safe history and is reliable to get the job done.
Any questions about what else you can do to protect your WordPress site can be asked in the comments below!