Update “Mail Poet” Plugin Immediately
So, we thought it was even more important than usual to also share the news about a security vulnerability that could potentially affect some WordPress installations using the Mail Poet plugin. If you are using this plugin, Sucuri, a highly-respected web security firm, recommends you update it immediately to eliminate a flaw that “allows an attacker to upload any file remotely to the vulnerable website” without authorization.
We’re glad to see the security community reacting swiftly to vulnerabilities like this. And thanks to Mail Poet for responding with a fix when Sucuri alerted them to the problem. The plugin’s latest version is considered secure, and we still recommend it.
Read the full post by Sucuri’s Daniel Cid.