Very recently we found out our site was redirecting to some random ads url and was trying to figure out what caused it.
We found that our site URL in DB was Changed with some code. Our site is very well protected and all. We were going crazy about this and thinking how could this happen until we found that it was due to a plugin- Easy WP SMTP.
According to article of Wordfense – Over the weekend, a vulnerability was disclosed and patched in the popular WordPress plugin Easy WP SMTP. The plugin allows users to configure SMTP connections for outgoing email, and has a userbase of over 300,000 active installs. The vulnerability is only present in version 1.3.9 of the plugin, and all of the plugin’s users should update to 184.108.40.206 as quickly as possible to address the flaw.
Don’t panic, if you use the plugin just make sure to update to latest version to avoid any issues.
Happy blogging 🙂