Lucene search
+L

207 matches found

CVE
CVE
added 2018/12/03 4:0 p.m.68 views

CVE-2018-1002000

CVE-2018-1002000 describes an authenticated blind SQL injection in the WordPress plugin Arigato Autoresponder and Newsletter (versions up to 2.5.1.8). The vulnerability is triggered via the POST parameter del_ids and requires administrative privileges to exploit. Impact is SQL injection with part...

7.2CVSS7.3AI score0.04354EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2018/12/03 4:0 p.m.69 views

CVE-2018-1002003

CVE-2018-1002003 corresponds to a reflected XSS vulnerability in the WordPress plugin Arigato Autoresponder and Newsletter, version 2.5.1.8, with exploitation requiring administrative privileges. The connected documents indicate this entry is part of a broader set of vulnerabilities in the same p...

4.8CVSS5.2AI score0.02923EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2018/12/03 4:0 p.m.71 views

CVE-2018-1002001

CVE-2018-1002001 is a reflected XSS affecting the WordPress Arigato Autoresponder and Newsletter plugin (version 2.5.1.8). The vulnerability requires administrative privileges to exploit. Impact details are limited to the XSS exposure described by the sources; no exploitation vectors beyond this ...

4.8CVSS5.2AI score0.02948EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2018/12/03 4:0 p.m.21 views

CVE-2018-1002008

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable...

5.4AI score0.02582EPSS
Exploits5References3
Cvelist
Cvelist
added 2018/12/03 4:0 p.m.24 views

CVE-2018-1002002

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit...

5.4AI score0.02923EPSS
Exploits5References3
Cvelist
Cvelist
added 2018/12/03 4:0 p.m.21 views

CVE-2018-1002001

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit...

5.4AI score0.02948EPSS
Exploits5References3
Cvelist
Cvelist
added 2018/12/03 4:0 p.m.23 views

CVE-2018-1002004

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit...

5.4AI score0.02923EPSS
Exploits5References3
Cvelist
Cvelist
added 2018/12/03 4:0 p.m.21 views

CVE-2018-1002007

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable htmlid...

5.4AI score0.02582EPSS
Exploits5References3
Cvelist
Cvelist
added 2018/12/03 4:0 p.m.23 views

CVE-2018-1002009

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable...

5.4AI score0.02604EPSS
Exploits5References3
CVE
CVE
added 2018/12/03 4:0 p.m.62 views

CVE-2018-1002002

CVE-2018-1002002 corresponds to a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter plugin (v2.5.1.8) that, per the initial description, requires administrative privileges to exploit. Connected sources expand the vulnerability set for this plugin to include authenticat...

4.8CVSS5.2AI score0.02923EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2018/12/03 4:0 p.m.66 views

CVE-2018-1002007

Affected software. WordPress plugins: Arigato Autoresponder and Newsletter (v2.5.1.8 affected; plugin by Kiboko Labs). Vulnerability details. A reflected XSS exists in the integration-contact-form.html.php:15 handler via a POST parameter html_id. The CVE entry states this requires administrative ...

4.8CVSS5.2AI score0.02582EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2018/12/03 4:0 p.m.69 views

CVE-2018-1002004

CVE-2018-1002004 is about WordPress plugin Arigato Autoresponder and Newsletter (v2.5.1.8 and earlier). Connected sources confirm a vulnerability in this plugin consisting of an Authenticated Blind SQL Injection and multiple reflected XSS vulnerabilities. The WP plugin’s flaws affect the bft-auto...

4.8CVSS5.2AI score0.02923EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2018/12/03 4:0 p.m.66 views

CVE-2018-1002008

The CVE-2018-1002008 entry pertains to the WordPress plugin Arigato Autoresponder and Newsletter (v2.5.1.8 affected). Public records describe an authenticated vulnerability surface: a reflected XSS in list-user.html.php via a GET offset parameter, which is exploitable by an attacker with administ...

4.8CVSS5.2AI score0.02582EPSS
Exploits5References3Affected Software1
CNVD
CNVD
added 2018/10/22 12:0 a.m.5 views

WordPress Arigato Autoresponder and Newsletter Plugin Has Unspecified Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Arigato Autoresponder and Newsletter plugin is an autoresponder plugin used in the ... A security vulnerability...

9.8CVSS7.4AI score0.04184EPSS
Exploits1References1
OSV
OSV
added 2018/10/18 6:29 a.m.5 views

CVE-2018-18461

The Arigato Autoresponder and Newsletter aka bft-autoresponder v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments data to models/attachment.php...

9.8CVSS6.1AI score0.04184EPSS
Exploits1References2
NVD
NVD
added 2018/10/18 6:29 a.m.16 views

CVE-2018-18461

The Arigato Autoresponder and Newsletter aka bft-autoresponder v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments data to models/attachment.php...

9.8CVSS9.8AI score0.04184EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/10/18 6:0 a.m.22 views

CVE-2018-18461

The Arigato Autoresponder and Newsletter aka bft-autoresponder v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments data to models/attachment.php...

9.9AI score0.04184EPSS
Exploits1References2
CVE
CVE
added 2018/10/18 6:0 a.m.50 views

CVE-2018-18461

The connected CNVD/NVD entries confirm a concrete vulnerability in the WordPress plugin Arigato Autoresponder and Newsletter (aka bft-autoresponder), version 2.5.1.7. The flaw resides in the models/attachment.php handler and allows remote attackers to execute arbitrary PHP code by supplying PHP c...

9.8CVSS9.8AI score0.04184EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2018/09/21 12:0 a.m.9 views

Wordpress Arigato Autoresponder and Newsletter Cross-Site Scripting Vulnerability (CNVD-2019-29707)

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers.Arigato Autoresponder and Newsletter is an autoresponder plugin used in... A cross-site scripting vulnerability exists in the...

4.8CVSS6AI score0.02582EPSS
Exploits5References1
CNVD
CNVD
added 2018/09/21 12:0 a.m.8 views

Wordpress Arigato Autoresponder and Newsletter Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers.Arigato Autoresponder and Newsletter is an autoresponder plugin used in... A cross-site scripting vulnerability exists in the...

4.8CVSS6AI score0.02604EPSS
Exploits5References1
Rows per page
Query Builder