The Easy Newsletter Signups plugin for WordPress is vulnerable to a security problem called SQL Injection. This security problem allows people with administrator-level access to extract sensitive information from the database. This security problem exists in all versions of the plugin up to version 1.0.4 due to the plugin not properly dealing with user supplied information and not properly preparing existing SQL queries.