We are very serious about all our email optins with WordPress and any online presence. We have been using FREE PHPLIst for many years with few issues. In Sep 2012, we decided to move forward and pay for this plugn. After a month, we noticed a huge drop in email opt ins and sales conversions. It ended up being this plugin made it quite easy for people to unsubscribe from your newsletter which pretty well stalled the growth of the business. As this being a critical part of any online business, we only used Wysijs for email captures which worked fine up until today. We noticed over 200 spammy emails cpatured by this plugin where we literally lost dozens of valid emails since Friday. We had to do emergency surgery to the email capture to restore our original PHPList settings which was put back to our pre September period. Our email capture is mission critical for us as we need 24/7 support for any product like this. We cannot afford to wait for fixes as our real time site is still capturing spammy emails. We lost complete faith in this product and therefore dumped it which is now been fully restored with PHPList. With their Flash capture optin feature, I would figure that this will be a very high risk security breach for any business using this plugin. It all comes down to a cat and mouse game as the WYSIJA patches will not be sufficient. Take heed if you use this plugin.
Don't get me wrong, I like this plug a lot with their awesome newsletter feature but it is too high risk to use for our operation. I am just posting this as warning and our experience with Wysija.
P.S. And yes we always use the latest security patches and updates of the plugin.