A former employee hacked WPML (WordPress MultiLingual), a very popular plugin for the WordPress CMS. The former employee was angry, and he hacked the plugin and defaced the website using known vulnerabilities. The hacker also sent mass messages to people who use the plugin, informing them about the known vulnerabilities in it. As users reacted with outrage, the company immediately blamed the former employee and restored the defaced website. WordPress Multilingual, popularly known as WPML, is used by WordPress users to translate their websites into foreign languages. More than 600,000 users actively run this plugin on their sites, and they received the mass emails at their registered email addresses about the unpatched vulnerabilities.
WPML is one of the most popular plugins among WordPress users. It has a free version in the WordPress plugin repository and a paid version for corporate customers. The hacker, who is claimed to be the angry former employee, used the vulnerabilities to gain access to the company's servers and sent mass emails to its paid subscribers. In the mass emails, he claimed to be a security researcher who had found vulnerabilities and reported them to the WPML team, but the team never took any action. He also asked users to check their websites for possible infections from outside threats.
According to recent tweets from the company, the act was carried out by the former employee, who injected a backdoor before leaving the company. He gained access through the backdoor and defaced the website. According to the company, it is working on a total server rebuild, applying security patches to fix the vulnerabilities, and then removing the backdoor installed by the hacker so that he won't have access to any of its customers' data.