24 matches found
MailPoet Newsletters 2.6.19 Cross Site Scripting
A cross site scripting vulnerability exists in MailPoet Newsletters WordPress Plugin version 2.6.19. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
EUVD-2018-13393
Malware in sbrugna...
EUVD-2014-4645
Malware in sbrugna...
CVE-2018-20853
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
CVE-2018-20853
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
CVE-2018-20853
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
Design/Logic Flaw
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
CVE-2018-20853
An issue was discovered in the MailPoet Newsletters aka wysija-newsletters plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks...
CVE-2018-20853
Technical details for CVE-2018-20853 are not publicly available in the provided documents. Monitor for updates from vendor and security advisories.
Zomato: MailPoet Newsletters <= 2.7.2 - Authenticated Reflected Cross-Site Scripting (XSS)
Hello Team Abstract:- A Cross-Site Scripting vulnerability was found in the MailPoet Newsletters plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their behalf. In order to exploit this...
WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting
------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in MailPoet Newsletters plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...
WordPress MailPoet Newsletter Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers running PHP and MySQL.MailPoet Newsletters is a newsletter plugin for WordPress that supports the creation of newsletters and the automation of notifications and responses. A cross-sit...
MailPoet Newsletters 2.6.19 Cross Site Scripting
Information -------------------- Advisory by Netsparker Name: XSS Vulnerability in MailPoet Newsletters Affected Software : MailPoet Newsletters Affected Versions: v2.6.19 and possibly below Vendor Homepage : http://www.mailpoet.com/ Vulnerability Type : Cross-site Scripting Severity : Important...
WordPress MailPoet Newsletters File Upload
File upload vulnerability in WordPress MailPoet Newsletters wysija-newsletters Plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
CVE-2014-3907
Cross-site request forgery CSRF vulnerability in the MailPoet Newsletters wysija-newsletters plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the MailPoet Newsletters wysija-newsletters plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users...
CVE-2014-3907
CVE-2014-3907 concerns a cross-site request forgery (CSRF) vulnerability in the WordPress plugin MailPoet Newsletters (wysija-newsletters) up to version 2.6.10. The root cause is CSRF that enables an attacker to hijack the authentication of arbitrary users when they view a malicious page while lo...
MailPoet Newsletters vulnerable to cross-site request forgery
Overview MailPoet Newsletters is a plugin for WordPress. MailPoet Newsletters contains a cross-site request forgery vulnerability. Yoshinori Matsumoto reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a use...
CVE-2014-4726
Unspecified vulnerability in the MailPoet Newsletters wysija-newsletters plugin before 2.6.8 for WordPress has unspecified impact and attack vectors...
CVE-2014-4725
The MailPoet Newsletters wysija-newsletters plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/themes/mailp/...