Insecure deserialization vulnerability in WordPress Newsletter Manager plugin (unpatched).