The Mailster - Email Newsletter Plugin for WordPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.6.
Unauthenticated attackers can include and execute arbitrary files on the server, allowing the execution of any PHP code in those files.
