Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/22 4:43 p.m.5 views

CVE-2020-5768

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...

4.9CVSS7.3AI score0.01966EPSS
Exploits2References1
nessus
nessus
added 2020/08/27 12:0 a.m.29 views

WordPress Plugin 'Email Subscribers & Newsletters' Multiple Vulnerabilities

The WordPress application running on the remote host has a version of the 'Email Subscribers & Newsletters' plugin that is affected by multiple vulnerabilities. - A cross-site request forgery CSRF vulnerability exists in the sendtestemail component. An unauthenticated, remote attacker can exploit...

6.5CVSS5.9AI score0.01966EPSS
Exploits4References4
nvd
nvd
added 2020/07/17 10:15 p.m.32 views

CVE-2020-5768

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...

4.9CVSS0.01966EPSS
Exploits2References1
cve
cve
added 2020/07/17 9:22 p.m.49 views

CVE-2020-5768

CVE-2020-5768 targets the WordPress plugin Icegram Email Subscribers & Newsletters (v4.4.8) . The flaw is an authenticated SQL injection in the es_newsletters_settings_callback component, caused by improper sanitization, enabling a remote, logged-in attacker to infer database field values. This a...

4.9CVSS5.5AI score0.01966EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2020/07/17 9:22 p.m.33 views

CVE-2020-5768

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...

5.7AI score0.01966EPSS
Exploits2References1
Rows per page
Query Builder