Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF
The plugin does not have a CSRF check in place when deleting subscribed users, which could allow attackers to make a logged-in admin perform such an action and delete arbitrary users from the subscribed list. document.getElementById("test").submit();...
WordPress Mail Subscribe List plugin <= 2.1.3 - Arbitrary Subscribed User Deletion via Cross-Site Request Forgery (CSRF) vulnerability
An Arbitrary Subscribed User Deletion via Cross-Site Request Forgery (CSRF) vulnerability was discovered by Daniel Ruf in the WordPress Mail Subscribe List plugin (versions <= 2.1.3). Solution: Update the WordPress Mail Subscribe List plugin to the latest available version (at least 2.1.4)...
CVE-2022-0424
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users...
WordPress plugin Popup by Supsystic Access Control Error Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. An Access Control Error vulnerability exist...
Juniper Junos OS Denial of Service Vulnerability (CNVD-2018-21801)
Juniper Junos OS is a Juniper Networks network operating system designed for the company's hardware systems. The OS provides a secure programming interface and the Junos SDK. A denial of service vulnerability exists in Juniper Junos OS, which arises from the program's failure to restrict the IP...