207 matches found
CVE-2018-1002000
CVE-2018-1002000 describes an authenticated blind SQL injection in the WordPress plugin Arigato Autoresponder and Newsletter (versions up to 2.5.1.8). The vulnerability is triggered via the POST parameter del_ids and requires administrative privileges to exploit. Impact is SQL injection with part...
CVE-2018-1002003
CVE-2018-1002003 corresponds to a reflected XSS vulnerability in the WordPress plugin Arigato Autoresponder and Newsletter, version 2.5.1.8, with exploitation requiring administrative privileges. The connected documents indicate this entry is part of a broader set of vulnerabilities in the same p...
CVE-2018-1002001
CVE-2018-1002001 is a reflected XSS affecting the WordPress Arigato Autoresponder and Newsletter plugin (version 2.5.1.8). The vulnerability requires administrative privileges to exploit. Impact details are limited to the XSS exposure described by the sources; no exploitation vectors beyond this ...
CVE-2018-1002008
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable...
CVE-2018-1002002
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit...
CVE-2018-1002001
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit...
CVE-2018-1002004
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit...
CVE-2018-1002007
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable htmlid...
CVE-2018-1002009
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable...
CVE-2018-1002002
CVE-2018-1002002 corresponds to a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter plugin (v2.5.1.8) that, per the initial description, requires administrative privileges to exploit. Connected sources expand the vulnerability set for this plugin to include authenticat...
CVE-2018-1002007
Affected software. WordPress plugins: Arigato Autoresponder and Newsletter (v2.5.1.8 affected; plugin by Kiboko Labs). Vulnerability details. A reflected XSS exists in the integration-contact-form.html.php:15 handler via a POST parameter html_id. The CVE entry states this requires administrative ...
CVE-2018-1002004
CVE-2018-1002004 is about WordPress plugin Arigato Autoresponder and Newsletter (v2.5.1.8 and earlier). Connected sources confirm a vulnerability in this plugin consisting of an Authenticated Blind SQL Injection and multiple reflected XSS vulnerabilities. The WP plugin’s flaws affect the bft-auto...
CVE-2018-1002008
The CVE-2018-1002008 entry pertains to the WordPress plugin Arigato Autoresponder and Newsletter (v2.5.1.8 affected). Public records describe an authenticated vulnerability surface: a reflected XSS in list-user.html.php via a GET offset parameter, which is exploitable by an attacker with administ...
WordPress Arigato Autoresponder and Newsletter Plugin Has Unspecified Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Arigato Autoresponder and Newsletter plugin is an autoresponder plugin used in the ... A security vulnerability...
CVE-2018-18461
The Arigato Autoresponder and Newsletter aka bft-autoresponder v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments data to models/attachment.php...
CVE-2018-18461
The Arigato Autoresponder and Newsletter aka bft-autoresponder v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments data to models/attachment.php...
CVE-2018-18461
The Arigato Autoresponder and Newsletter aka bft-autoresponder v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments data to models/attachment.php...
CVE-2018-18461
The connected CNVD/NVD entries confirm a concrete vulnerability in the WordPress plugin Arigato Autoresponder and Newsletter (aka bft-autoresponder), version 2.5.1.7. The flaw resides in the models/attachment.php handler and allows remote attackers to execute arbitrary PHP code by supplying PHP c...
Wordpress Arigato Autoresponder and Newsletter Cross-Site Scripting Vulnerability (CNVD-2019-29707)
WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers.Arigato Autoresponder and Newsletter is an autoresponder plugin used in... A cross-site scripting vulnerability exists in the...
Wordpress Arigato Autoresponder and Newsletter Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers.Arigato Autoresponder and Newsletter is an autoresponder plugin used in... A cross-site scripting vulnerability exists in the...