Lucene search
WpvulndbWPVDB-ID:A0764617-6142-4EF7-94F9-1FB923E81E94HistoryNov 13, 2019 - 12:00 a.m.
Email Subscribers & Newsletters < 4.2.3 - Multiple Issues
2019-11-1300:00:00
wpscan.com
18
0.433 Medium
EPSS
Percentile
97.4%
- Unauthenticated File Download leading to Information Disclosure - Blind SQL Injection in INSERT statement - Insecure Permissions on Dashboard and Settings - CSRF on Settings - Send Test Emails from the Administrative Dashboard as an Authenticated User (with a role of Subscriber and above) - Unauthenticated Option Creation
| CPE | Name | Operator | Version |
|---|---|---|---|
| email-subscribers | lt | 4.2.3 |
Related
openvas
openvas
WordPress Email Subscribers Plugin < 4.2.3 Multiple Vulnerabilities
2020-01-06 00:00:00
nvd
nvd
cvelist
cvelist
prion
prion
Code injection
2019-12-26 03:15:00
Privilege escalation
2019-12-26 03:15:00
Cross site request forgery (csrf)
2019-12-26 03:15:00
cve
cve
symantec
symantec
zdt
zdt
packetstorm
packetstorm
WordPress Email Subscribers And Newsletters 4.2.2 File Disclosure
2020-07-27 00:00:00
nuclei
nuclei
WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval
2020-08-04 20:19:57
exploitdb
exploitdb