Major WP Exploit caused by the SMTP plugin


Hi Everyone,

We would like to inform you that recently a number of WordPress site were hacked and it was causing redirection to another site with URL hxxps://getmyfreetraffic(dot)com initially the cause of the issue was unknown we found out that the Site URL field is updated in Database as shared in the screeshot

And a user was being added in users table with the following email and name

username: devidpentesting99

Upon further check we found out that all of the sites that were hacked or exploit had one common plugin name EASY WP SMTP, if any customer is facing any such issue or hack on his site we request you to upgrade the plugin to the latest version as the exploit has been fixed by the plugin author, the details of the change log here confirm that a fix has been applied for further details on how the exploit works please refer who originally reported the bug.

Best Regards
Anas Moiz


In fact I had to restore from a backup because of that hacking. The hacker “registered” its user even when Wordpress user registration was disabled.