MailPoet security issues have been detected.  If you’re running WordPress with the MailPoet plugin, you should update it immediately.

Website security provider Sucuri released a blog post today detailing an issue with the popular WordPress plugin called MailPoet (wysija-newsletters).  If you’re running MailPoet, you will want to make sure that you’re running version 2.6.7, which was just released earlier today.

This bug allows a remote attacker complete access to a compromised site.  Files can be uploaded that allow the attacker to use your website for spam and phishing campaigns, infect users browsing your site, or infect other websites if you’re on a shared server.

If you’re not sure whether your site is affected, or you need some help making the update, please let us know.  We’re more than happy to assist with updating your WordPress plugins to maintain the security of your site.

Source: Sucuri Blog