10 matches found
EUVD-2013-2579
Malware in sbrugna...
EUVD-2013-0742
Malware in sbrugna...
CVE-2013-2640
ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting XSS attacks via unspecified vectors related to "formData=save" requests, a...
CVE-2024-13521
The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the masoptions function. This makes it possible for unauthenticated attackers to update settings and...
WordPress MailUp Plugin Multiple Vulnerabilities
WordPress MailUp Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Wordpress MailUp Plugin Multiple Vulnerabilities
This host is installed with Wordpress MailUp Plugin and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbwordpressmailupmultvuln.nasl 6086 2017-05-09 09:03:30Z teissa $ Wordpress MailUp Plugin Multiple Vulnerabilities Authors: Thanga Prakash S Copyright: Copyright c 2013...
CVE-2013-2640
ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting XSS attacks via unspecified vectors related to "formData=save" requests, a...
CVE-2013-0731
MailUp WordPress plugin vulnerable to an access-control flaw in ajax.functions.php. Versions before 1.3.3 allow remote modification of plugin settings and XSS by leveraging unspecified Ajax functions; this stems from an incomplete fix for a prior issue (1.3.2). A related CVE notes a similar flaw ...
CVE-2013-0731
ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting XSS attacks by setting the wordpressloggedin cookie. NOTE: this is due to an...
WordPress WP MailUp Plugin <= 1.3.1 - BYPASS
Because of this vulnerability, the attackers can modify plugin settings and conduct cross-site scripting attacks via unspecified vectors. Solution Update the plugin...