Developers of a plugin, used by WordPress websites for building pop-up ads for newsletter subscriptions, have issued a patch for a serious flaw. The vulnerability could be exploited by attackers to send out newsletters with custom content, or to delete or import newsletter subscribers. The plugin in question is Popup Builder – Responsive WordPress Pop up – Subscription & Newsletter, from developer Sygnoos.

Read full article on Threat Post