
WPML Website Hacked, Customer Emails Compromised - bdcravens
https://wptavern.com/wpml-website-hacked-customer-emails-compromised
======
riccarbi
Just received the same e-mail. I don't know whether it is a legitimate one or
not, but it sounds VERY suspicious. Mine includes a direct link to change my
WPML account password (pointing to a domain other than WPML's). This is
utterly suspicious and technically wrong. Why do not simply say " go to your
WPML account and change your pass" and include a direct link, instead?
Furthermore, it's Sunday. So WPML's staff is arguably on holiday and is not
replying to the messages which are now popping out on their support forum. My
humble suggestion: do not click on that link!

------
bdcravens
Email from WPML:
[https://pastebin.com/raw/jS44fnMa](https://pastebin.com/raw/jS44fnMa)

