Popular WordPress plugin Easy WP SMTP plugin, with over 500,000 active installations, just patched a vulnerability that allows an attacker to take control of a site. The flaw in the WordPress plugin allows hackers to reset the admin password and take complete control of a website.
Easy WP SMTP Vulnerability
The vulnerability is in a debug log file that is exposed because of a very basic error in how the plugin maintained a folder. Plugin folders on a server that contain files that are not meant to be seen by users usually contain a blank index.html file. The purpose of that file is to keep…