Vulnerability Discovered in Newsletter < 6.8.2
https://www.wordfence.comNewsletter WordPress plugin has 300,000+ active installations and can be used to build an email list, easily create, send and track e-mails. In versions prior to 6.8.2, there were multiple vulnerabilities including a reflected Cross-Site Scripting(XSS) vulnerability and a PHP Object Injection vulnerability.
The issue has been fixed in Version6.8.2 which is available now from the WordPress Plugin Repo.