The Builder Contact add-on contains a security loophole that allows hackers to send spam / phishing emails on behalf of sites that use it, according to a announcement the company's.
The issue was first reported by some members of the company support forum and soon after by the WordFence team. 
According to the company announcement, immediate measures have been taken to repair all security gaps and an update has been released.
If you are using Builder Contact in the previous version 1.4.6, you should update immediately to the latest version.
If you have the old version of Builder Contact installed on your server but have not activated it, delete it or replace it with the latest version (do not leave the vulnerability on the server, even if you do not have it enabled).
If your subscription has expired and the Builder Contact cannot be updated, contact the company and they will give you the new version for free with a 3 month subscription extension.
Recox: Top Script for Web Reconnaissance
Comment Policy:
IGuRu.gr does not post comments directly. Malicious comments, comments that include ads, or comments with insults are deleted without any notice. We do not adopt the views expressed by our readers.
Your comments will be displayed after approval by the administrators