207 matches found
CVE-2023-0543 Arigato Autoresponder and Newsletter < 2.1.7.2 - Admin+ Stored XSS
The Arigato Autoresponder and Newsletter WordPress plugin before 2.1.7.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-0543 Arigato Autoresponder and Newsletter < 2.1.7.2 - Admin+ Stored XSS
The Arigato Autoresponder and Newsletter WordPress plugin before 2.1.7.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2023-0543
CVE-2023-0543 affects the WordPress plugin Arigato Autoresponder and Newsletter, prior to version 2.1.7.2. Root cause: insufficient sanitization/escaping of settings allowing Stored XSS by high-privilege admins, even when unfiltered_html is disallowed. Documented impact: Stored XSS with admin+ pr...
WordPress Plugin Arigato Autoresponder and Newsletter 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS)
Software Arigato Autoresponder and Newsletter Type Plugin Vulnerable versions = 2.7.1 Fixed in 2.7.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25031 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 587f7c05becf Credits...
Arigato Autoresponder and Newsletter < 2.7.1.1 - Unauthenticated Stored XSS
The plugin does not sanitise and escape some parameters, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...
WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1.1 is vulnerable to Cross Site Scripting (XSS)
Software Arigato Autoresponder and Newsletter Type Plugin Vulnerable versions = 2.7.1.1 Fixed in 2.7.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25061 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d6cfa2bc3409 Credit...
WordPress Arigato Autoresponder and Newsletter Plugin < 2.7.1.2 is vulnerable to Cross Site Scripting (XSS)
Software Arigato Autoresponder and Newsletter Type Plugin Vulnerable versions 2.7.1.2 Fixed in 2.7.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0543 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e5225dad6b06 Credits...
Arigato Autoresponder and Newsletter < 2.1.7.2 - Admin+ Stored XSS
The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC 1. Go to the Mailing list option and register a new user with the value...
Arigato Autoresponder and Newsletter < 2.1.7.2 - Admin+ Stored XSS
The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. 1. Go to the Mailing list option and register a new user with the value "autofoc...
GHSA-5JPH-WRQ7-V9HF Denial of service in Mattermost
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages...
Denial of service in Mattermost
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages...
CVE-2022-4044
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages...
CVE-2022-4044 Authenticated user could send multiple requests containing a large Auto Responder Message payload and can crash a Mattermost server
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages...
CVE-2022-4044
CVE-2022-4044 is a Mattermost DoS affecting authenticated users who can crash the server by sending large auto-responder messages. The vulnerability stems from unbounded Auto Responder Message payloads, enabling resource exhaustion (notably via large autoresponder content). Affected Mattermost Se...
PT-2022-25386 · Unknown · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: A denial-of-service issue allows an authenticated user to crash the server by sending multiple large autoresponder messages. Recommendations: At the moment, there is no information about...
AutoResponder - Carbon Black Response IR Tool
What is it? AutoResponder is a tool aimed to help people to carry out their Incident Response tasks WITH the help of Carbon Black Response's awesome capabilities and WITHOUT much bothering IT/System/Network Teams What can it do? Module | ✔️ / ❌ ---|--- Delete Files | ✔️ Delete Registry Values | ✔️...
CVE-2022-0954
Multiple Stored Cross-site Scripting XSS Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11...
CVE-2021-44779
Unauthenticated SQL Injection SQLi vulnerability discovered in GWA AutoResponder WordPress plugin versions = 2.3, vulnerable at &listid. No patched version available, plugin closed...
CVE-2021-44779
Unauthenticated SQL Injection SQLi vulnerability discovered in GWA AutoResponder WordPress plugin versions = 2.3, vulnerable at &listid. No patched version available, plugin closed...