CVE-2018-6015

🗓️ 26 Jan 2018 20:01:29Reported by mitreType

An issue in "Email Subscribers & Newsletters" plugin allows unauthorized CSV data download

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
wpexploit	Email Subscribers & Newsletters < 3.4.8 - Unauthenticated Subscriber Download	24 Jan 201800:00	–	wpexploit
Cvelist	CVE-2018-6015	26 Jan 201820:00	–	cvelist
WPVulnDB	Email Subscribers & Newsletters < 3.4.8 - Unauthenticated Subscriber Download	24 Jan 201800:00	–	wpvulndb
Check Point Advisories	WordPress Email Subscribers Newsletters Plugin Information Disclosure (CVE-2018-6015)	26 Feb 201800:00	–	checkpoint_advisories
Prion	Design/Logic Flaw	26 Jan 201820:29	–	prion
Patchstack	WordPress Email Subscribers & Newsletters plugin <=3.4.7 - Missing Function Level Access Control vulnerability	19 Jan 201800:00	–	patchstack
NVD	CVE-2018-6015	26 Jan 201820:29	–	nvd

Nvd

Node

icegram email_subscribers_&_newslettersRange<3.4.8wordpress

Source	Link
blog	www.blog.threatpress.com/vulnerability-email-subscribers-plugin/
wordpress	www.wordpress.org/plugins/email-subscribers/
exploit-db	www.exploit-db.com/exploits/43872/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jan 2018 20:29Current

7.4High risk

Vulners AI Score7.4

CVSS25

CVSS37.5

EPSS0.01823

CWE-200