Mailpoet Newsletters@2.6.5 Security Vulnerabilities and Issues — Mailpoet Newsletters@2.6.5 CVE List

Lucene search

MailpoetMailpoet Newsletters2.6.5

3 matches found

CVE•added 2014/07/27 6:55 p.m.•120 views

CVE-2014-4725

The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/themes/mailp/.

7.5CVSS7.9AI score0.38519EPSS

CVE•added 2014/08/26 2:55 p.m.•36 views

CVE-2014-3907

Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users.

6.8CVSS7.5AI score0.00102EPSS

CVE•added 2014/07/27 6:55 p.m.•25 views

CVE-2014-4726

Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors.

7.5CVSS6.9AI score0.00352EPSS