Threat Post

Newsletter WordPress Plugin Opens Door to Site Takeover

An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites. Newsletter, a WordPress plugin with more than 300,000 installations, has a pair ...
Bleeping Computer

Newsletter plugin bugs let hackers inject backdoors on 300K sites

Owners of WordPress sites who use the Newsletter plugin are advised to update their installations to block attacks that could use a fixed vulnerability allowing hackers to inject backdoors, create ...
TechCrunch

WordPress.com challenges Substack with launch of paid newsletters

WordPress.com is taking on Substack and others with today’s news that its Newsletter product will now support paid subscriptions and premium content. First launched in December, WordPress.com ...