5 matches found
CVE-2020-5768
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...
WordPress Plugin 'Email Subscribers & Newsletters' Multiple Vulnerabilities
The WordPress application running on the remote host has a version of the 'Email Subscribers & Newsletters' plugin that is affected by multiple vulnerabilities. - A cross-site request forgery CSRF vulnerability exists in the sendtestemail component. An unauthenticated, remote attacker can exploit...
CVE-2020-5768
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...
CVE-2020-5768
CVE-2020-5768 targets the WordPress plugin Icegram Email Subscribers & Newsletters (v4.4.8) . The flaw is an authenticated SQL injection in the es_newsletters_settings_callback component, caused by improper sanitization, enabling a remote, logged-in attacker to infer database field values. This a...
CVE-2020-5768
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...