WordPress users that have a popular plugin installed are being cautioned to upgrade immediately. A vulnerability in the plugin, MailPoet, could essentially allow an attacker to take over any site running it without authentication.
Man, WordPress plugins have been taking a beating recently.
- That image thumb deal
- One or two others…
Moral: The only thing more insecure than WordPress is a WordPress plugin.