28 matches found
EUVD-2013-2579
Malware in sbrugna...
EUVD-2013-0742
Malware in sbrugna...
CVE-2024-13521
The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the masoptions function. This makes it possible for unauthenticated attackers to update settings and...
CVE-2013-2640
ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting XSS attacks via unspecified vectors related to "formData=save" requests, a...
WordPress MailUp Auto Subscription plugin <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin MailUp Auto Subscription versions = 1.1.0...
CVE-2024-13521
The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the masoptions function. This makes it possible for unauthenticated attackers to update settings and...
CVE-2024-13521
The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the masoptions function. This makes it possible for unauthenticated attackers to update settings and...
CVE-2024-13521 MailUp Auto Subscription <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the masoptions function. This makes it possible for unauthenticated attackers to update settings and...
CVE-2024-13521
CVE-2024-13521 affects the MailUp Auto Subscription plugin for WordPress up to version 1.1.0. The issue is a Cross-Site Request Forgery (CSRF) vulnerability caused by missing/incorrect nonce validation in the mas_options function, allowing unauthenticated attackers to update settings and inject m...
CVE-2024-13521 MailUp Auto Subscription <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the masoptions function. This makes it possible for unauthenticated attackers to update settings and...
PT-2025-2205 · WordPress · Mailup Auto Subscription
Name of the Vulnerable Software and Affected Versions: MailUp Auto Subscription plugin for WordPress version 1.1.0 and earlier Description: The issue is due to missing or incorrect nonce validation on the mas options function, making it possible for unauthenticated attackers to update settings an...
WordPress plugin MailUp Auto Subscription 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
blog.mailup.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1141981 Security Researcher g0bl1nsec Helped patch 3754 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting blog.mailup.com website a...
mailup.com XSS vulnerability
Open Bug Bounty ID: OBB-718716 Description| Value ---|--- Affected Website:| mailup.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...
lp.mailup.com XSS vulnerability
Vulnerable URL: https://lp.mailup.com/it/prova-gratuita/?email=a%2527aa%2522%2522%253E%253C/title%253E%253C/script%253E%253Csvg/onload=prompt/OPENBUGBOUNTY/%253E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.09.2017 Vulnerability type:| XSS Vulnerability status:|...
MailUp 1.3.2 - ajax.functions.php Ajax Function Call H&ling XSS Weakness
The MailUp newsletter sign-up form WordPress plugin was affected by an ajax.functions.php Ajax Function Call H XSS Weakness security vulnerability...
WordPress MailUp Plugin Multiple Vulnerabilities
WordPress MailUp Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Wordpress MailUp Plugin Multiple Vulnerabilities
This host is installed with Wordpress MailUp Plugin and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwordpressmailupmultvuln.nasl 6086 2017-05-09 09:03:30Z teissa $ Wordpress MailUp Plugin Multiple Vulnerabilities Authors: Thanga Prakash S Copyright: Copyright c 2013...
CVE-2013-2640
ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting XSS attacks via unspecified vectors related to "formData=save" requests, a...
Cross site scripting
ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting XSS attacks via unspecified vectors related to "formData=save" requests, a...