Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:2 a.m.4 views

CVE-2023-1844

The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachmen...

4.3CVSS7AI score0.00508EPSS
Exploits0References1
Circl
Circl
added 2023/06/28 7:12 a.m.5 views

CVE-2023-1844

creationtimestamp| type| source ---|---|--- 2023-06-28 07:12:33+00:00| seen| https://t.me/cibsecurity/65595...

4.3CVSS6.2AI score0.00508EPSS
Exploits0References1
CVE
CVE
added 2023/06/28 2:34 a.m.48 views

CVE-2023-1844

The CVE-2023-1844 entry concerns the WordPress plugin Subscribe2. The vulnerability arises from a missing capability check when sending test emails, enabling author-level attackers to send emails with arbitrary content/attachments to site users in versions up to and including 10.40. The impact is...

4.3CVSS4.8AI score0.00508EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/06/26 12:0 a.m.11 views

WordPress Subscribe2 Plugin <= 10.40 is vulnerable to Broken Access Control

Software Subscribe2 Type Plugin Vulnerable versions = 10.40 Fixed in 10.41 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-1844 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3c2b898b697a Credits Marco Wotschka Required privilege...

4.3CVSS6.5AI score0.00508EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder