2 matches found
WordPress ENL Newsletter plugin <= 1.0.1 - Admin+ SQL Injection vulnerability
Admin+ SQL Injection vulnerability discovered by Bob Matyas in WordPress Plugin ENL Newsletter versions = 1.0.1...
WordPress ENL Newsletter Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software ENL Newsletter Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3059 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 02791c397f96 Credits Bob Matyas Required...