CVE-2013-3264

2013-11-05T20:55:00
ID CVE-2013-3264
Type cve
Reporter cve@mitre.org
Modified 2013-11-06T14:55:00

Description

The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress does not properly restrict access to (1) list/edit.php and (2) campaign/editCampaign.php, which allows remote attackers to modify list or campaign data.