2 matches found
WordPress Email Subscribers & Newsletters Plugin Information Disclosure Vulnerability
WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers.Email Subscribers & Newsletters plugin is used in one of the push message plugin. An information disclosure vulnerability exists in...
CVE-2018-6015
An issue was discovered in the "Email Subscribers & Newsletters" plugin before 3.4.8 for WordPress. Sending an HTTP POST request to a URI with /?es=export at the end, and adding option=viewallsubscribers in the body, allows downloading of a CSV data file with all subscriber data...