Email Subscribers & Newsletters Security Vulnerabilities and Issues — Email Subscribers & Newsletters CVE List

Lucene search

IcegramEmail Subscribers & Newsletters

4 matches found

CVE•added 2020/01/08 6:15 a.m.•210 views

CVE-2019-20361

There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).

9.8CVSS9.6AI score0.32445EPSS

CVE•added 2020/09/10 3:15 p.m.•47 views

CVE-2020-5780

Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version 4.5.6 allows a remote, unauthenticated attacker to conduct unauthenticated email forgery/spoofing.

5.3CVSS5.2AI score0.00317EPSS

CVE•added 2020/07/17 10:15 p.m.•39 views

CVE-2020-5767

Cross-site request forgery in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote attacker to send forged emails by tricking legitimate users into clicking a crafted link.

6.5CVSS6.4AI score0.00127EPSS

CVE•added 2020/07/17 10:15 p.m.•34 views

CVE-2020-5768

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields.

4.9CVSS5.5AI score0.0105EPSS