WordPress Newsletter plugin is prone to a remote file disclosure vulnerability. It allows an attacker to compromise encrypted login credentials for or retrieve the device’s administrator password allowing them to directly access the device’s configuration control panel.
Update the plugin,