Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
patchstackKohei HinoPATCHSTACK:FDB570EA002358BD67D32394CE029453
HistoryJul 30, 2021 - 12:00 a.m.

WordPress Nifty Newsletters plugin <= 4.0.23 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

2021-07-3000:00:00
Kohei Hino
patchstack.com
5

0.001 Low

EPSS

Percentile

47.3%

JSON

Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) discovered by Kohei Hino (Cryptography Laboratory - Tokyo Denki University) in WordPress Nifty Newsletters plugin (versions <= 4.0.23).

Solution

           This plugin has been closed as of July 29, 2021 and is not available for download. This closure is temporary, pending a full review.
CPENameOperatorVersion
nifty newslettersle4.0.23

Related

prion 1
cnvd 1
cve 1
nvd 1
cvelist 1
wpvulndb 1
prion
prion
Cross site request forgery (csrf)
2021-08-05 21:15:00
cnvd
cnvd
WordPress Nifty Newsletters plugin cross-site request forgery vulnerability
2021-08-07 00:00:00
cve
cve
CVE-2021-34634
2021-08-05 21:15:12
nvd
nvd
CVE-2021-34634
2021-08-05 21:15:12
cvelist
cvelist
CVE-2021-34634 Nifty Newsletters <= 4.0.23 - Cross-Site Request Forgery to Stored Cross-Site Scripting
2021-07-31 00:00:00
wpvulndb
wpvulndb
Nifty Newsletters <= 4.0.23 - CSRF to Stored XSS
2021-07-30 00:00:00

0.001 Low

EPSS

Percentile

47.3%

JSON
Related for PATCHSTACK:FDB570EA002358BD67D32394CE029453
prion1cnvd1cve1nvd1cvelist1wpvulndb1