Unauthenticated Insecure Deserialisation vulnerability found by Jerome Bruander (NinTechNet) in WordPress Newsletter Manager plugin (versions <= 1.5.1).
2020-12-31 - we were unable to find a patched version of this plugin.
WordPress.org notification: "This plugin has been closed as of October 28, 2020 and is not available for download. Reason: Security Issue."
Found a vulnerability that puts your sites at risk?