Due to a serious vulnerability on the MailPoet WordPress Plugin. Many WordPress sites have been compromised and possibly infected with very malicious malware. This malware can infect all pages and plugins and break sites.
Please ensure you have updated all your plugins and WordPress core. This will assist in plugging the vulnerable code and prevent such attacks that allow hackers free access to uploading file to your site..
See the full description and article here. Sucuri Malware Alert
