We do. At blogVault, we believe that our job isn’t just about backups. Our customers put their faith in us for providing the best protection for their data. In return, we do everything to keep them happy and their sites safe. That includes keeping ourselves up-to-date with the latest from the WordPress world. The recent notification that we sent out to all our clients about the MailPoet plugin vulnerability is one such example. As soon as we learnt about this bug, we quickly scanned through our customer sites to see who had the vulnerable version of the plugin installed. We then sent out an email to all these customers asking them to update the plugin immediately.
The MailPoet plugin is a very popular WordPress newsletter plugin downloaded over 2 million times. A serious security vulnerability was recently discovered in this plugin. The bug allows an attacker to upload any file remotely to the vulnerable website, without the need for any authentication. After this, the attacker can use this ‘backdoor’ to create an admin user to freely access your site. This can lead to your website being used to send SPAM, host malware, and even infect your customers. From then on it is nearly impossible to clean your site completely unless you have a good backup system (like blogVault) in place.
The blogVault team understands the impact that such threats have on the customer’s business. We send out a notification to all clients who have the vulnerable plugin installed on their site. The customer can then immediately upgrade the plugin and save the site from being hacked. This is something that no other WordPress backup plugin does today.
In the worst case that a customer is hacked due to this vulnerability, they have our awesome Auto Restore feature that will quickly revert back to the latest backup. After this, the customer can upgrade the plugin to the latest version to secure themselves from a repeat attack.