Wordpress site being redirected to or other monetization sites.
Posted by Hasan B, Last modified by
Undefined index: editedstaff (./__swift/cache/99a2018850e43fc96b722079625d25a8.php:44)
Copy to clipboard:
on 12 April 2019 08:19:03 PM

You may face an issue wherein your Wordpress site is redirected to a URL such as or a similar monetization website. Upon checking the same from, you will notice a 301 permanent redirect.

The redirection occurs because the Site URL and Home URL are modified to, in the Wordpress database.

Upon further investigation, we notice that the vulnerable plugin is Easy-WP-SMTP version 1.3.9. This vulnerability exploits the plugin's hook functions and allows a hacker to include malicious javascript redirects or modify the Wordpress database.

Here are a few articles discussing the issue:




According to the plugin’s forum, the vulnerability has been fixed in version

Steps to recover the site:

1. Edit the 'site_url' and 'home_url' in the wp_options table of the Wordpress database from PhpMyAdmin.


Access your admin Dashboard and remove any false admin accounts from Dashboard>Users>All users.

Update the Easy WP SMTP plugin to the latest version.

  • You can manually check for updates by visiting the Dashboard » Updates page.
  • You can install these updates by visiting the Plugins page. You will see a notification below each plugin that has updates available for you to install.
  • This will show you a list of updates. You can select the plugin you wish to upgrade and choose ‘Update’ from the  ‘Bulk Actions’ menu.
(2 vote(s))
Not helpful

Comments (0)