IMPORTANT! Major Security Update - Newsletter 2.2.4

I’ve been notified of a major security vulnerability in the Newsletter plugin that has the potential for ill-intentioned users to preform an SQL Injection and reveal your administrator name and password hash - this is not your actual password, but the encrypted one stored in the database.  If your admin account has a strong password you have nothing to worry about, but it is possible to crack weak passwords using this method.  So I recommend you not only update your Newsletter Plugin to version 2.2.4 but also make sure you are using a strong password as well on your Admin account.  Sorry for the issue loyal users, but I guess I’ve hit the big-time now that I’ve been targeted for exploits!

Download Update in your Paid Plugins


This entry was posted on Monday, February 4th, 2008 at 9:22 pm and is filed under WP Newsletter, News and Updates. You can follow any responses to this entry through the RSS 2.0 feed.

Comments are closed.