CVE-2018-6015
The CVE-2018-6015 issue affects WordPress Email Subscribers & Newsletters plugin prior to v3.4.8. An attacker can trigger an information-disclosure by sending an HTTP POST to a URI ending with /?es=export and including option=view_all_subscribers in the body, which allows downloading a CSV contai...