Lucene search
Daniel RufPATCHSTACK:6AEF7395AE3B7E232CDDBE55CDEE06CFHistoryMay 26, 2022 - 12:00 a.m.
WordPress Mail Subscribe List plugin <= 2.1.3 - Arbitrary Subscribed User Deletion via Cross-Site Request Forgery (CSRF) vulnerability
2022-05-2600:00:00
Daniel Ruf
patchstack.com
12
0.001 Low
EPSS
Percentile
25.9%
Arbitrary Subscribed User Deletion via Cross-Site Request Forgery (CSRF) vulnerability was discovered by Daniel Ruf in the WordPress Mail Subscribe List plugin (versions <= 2.1.3).
Solution
Update the WordPress Mail Subscribe List plugin to the latest available version (at least 2.1.4).
| CPE | Name | Operator | Version |
|---|---|---|---|
| mail subscribe list | le | 2.1.3 |
Related
prion
prion
Cross site request forgery (csrf)
2022-06-20 11:15:00
wpvulndb
wpvulndb
Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF
2022-05-26 00:00:00
nvd
nvd
CVE-2022-1603
2022-06-20 11:15:09
cnvd
cnvd
WordPress Mail Subscribe List plugin跨站请求伪造漏洞
2022-06-22 00:00:00
cvelist
cvelist
cve
cve
CVE-2022-1603
2022-06-20 11:15:09
wpexploit
wpexploit
Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF
2022-05-26 00:00:00