JVN#94409737: MailPoet Newsletters vulnerable to cross-site request forgery

2014-08-26T00:00:00
ID JVN:94409737
Type jvn
Reporter Japan Vulnerability Notes
Modified 2014-08-26T00:00:00

Description

## Description

MailPoet Newsletters is a plugin for WordPress. MailPoet Newsletters contains a cross-site request forgery vulnerability.

## Impact

If a user views a malicious page while logged in, unintended operations may be conducted.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • MailPoet Newsletters 2.6.10 and earlier