Description
WordPress Plugin WP Mass Mail is prone to an open email relay vulnerability that lets attackers send mass emails without authentication. An attacker could exploit this issue to send unsolicited spam email to an unrestricted number of email addresses. WordPress Plugin WP Mass Mail version 2.45 is vulnerable; other versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
http://www.securityfocus.com/bid/53818/exploit
http://packetstormsecurity.com/files/113286/WordPress-WP-Mass-Mail-Spoofing.html