Mailguns WordPress website has been hit by a spray-and-pray hacking campaign, as part of the massive attack on WordPress websites. The attacks exploited unpatched cross-site scripting (XSS) vulnerability in a WordPress plugin named Yuzo Related Posts. Mailgun has reportedly removed the plugin within two hours of detecting the issue and the website is now safe for use. The plugin was removed from the official WordPress Plugins repository on the same day itself so as to prevent further downloads until a patch for the vulnerability was made available.”]
Source: https://hackercombat.com/mailguns-wordpress-website-hacked/