2 matches found
CVE-2013-3264
The CVE-2013-3264 entry concerns the WordPress plugin WP Ultimate Email Marketer (version 1.1.0 and possibly earlier). The root cause is improper access controls that fail to restrict access to (1) list/edit.php and (2) campaign/editCampaign.php, enabling remote attackers to modify list or campai...
CVE-2013-3263
CVE-2013-3263 affects the WordPress WP Ultimate Email Marketer Plugin (tested with version 1.1.0 and possibly earlier). The connected sources describe multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script or HTML via a range of parameters (siteurl, action, campaignna...