MailPoet vulnerability endangers Wordpress, Joomla

the vulnerability in MailPoet, a WordPress plugin with more than 1.7 million downloads, allows attackers to upload any file of their choice to vulnerable servers