Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | Exploit for CVE-2023-1430 | 12 Jun 202310:07 | – | githubexploit |
 | CVE-2023-1430 | 9 Jun 202306:15 | – | attackerkb |
 | WordPress Plugin FluentCRM- Marketing Automation 安全漏洞 | 9 Jun 202300:00 | – | cnnvd |
 | CVE-2023-1430 FluentCRM - Marketing Automation For WordPress <= 2.8.01 - Insufficient Use of Hash as Authorization Control | 9 Jun 202305:33 | – | cvelist |
 | EUVD-2023-23681 | 3 Oct 202520:07 | – | euvd |
 | CVE-2023-1430 | 9 Jun 202306:15 | – | nvd |
 | CVE-2023-1430 | 9 Jun 202306:15 | – | osv |
 | Code injection | 9 Jun 202306:15 | – | prion |
 | CVE-2023-1430 | 23 May 202502:13 | – | redhatcve |
 | CVE-2023-1430 FluentCRM - Marketing Automation For WordPress <= 2.8.01 - Insufficient Use of Hash as Authorization Control | 9 Jun 202305:33 | – | vulnrichment |
10
Node
[
{
"vendor": "techjewel",
"product": "FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution",
"versions": [
{
"version": "0",
"status": "affected",
"lessThanOrEqual": "2.8.0.1",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| md5_hash_of_email | query param | unsubscribe.php | Unsubscription page uses an MD5 hash of the email address as authorization, allowing unauthorized unsubscription when the hash is known. | CWE-759 |
| email_hash | query param | unsubscribe.php | Unsubscription page uses an MD5 hash of the email address as authorization, allowing unauthorized unsubscription when the hash is known. | CWE-759 |
| ce_id | query param | manage_subscription.php | Manage preferences page accepts either MD5 or a persistent secure_hash for authorization, enabling modification of a contact's data if the hashes are known. | CWE-759 |
| md5_hash | query param | manage_subscription.php | Manage preferences page accepts either MD5 or a persistent secure_hash for authorization, enabling modification of a contact's data if the hashes are known. | CWE-759 |
| secure_hash | query param | manage_subscription.php | Manage preferences page accepts either MD5 or a persistent secure_hash for authorization, enabling modification of a contact's data if the hashes are known. | CWE-759 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
08 Apr 2026 19:18Current
5.9Medium risk
Vulners AI Score5.9
CVSS 3.13.7 - 6.5
EPSS0.01598
SSVC