SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683.
https://www.exploit-db.com/exploits/6777
https://exchange.xforce.ibmcloud.com/vulnerabilities/45981