Icegram - Email Subscribers \& Newsletters CVE

Filtered by vendor Icegram Subscribe

Filtered by product Email Subscribers \& Newsletters

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-6015	1 Icegram	1 Email Subscribers \& Newsletters	2018-02-12	5.0 MEDIUM	7.5 HIGH
An issue was discovered in the "Email Subscribers & Newsletters" plugin before 3.4.8 for WordPress. Sending an HTTP POST request to a URI with /?es=export at the end, and adding option=view_all_subscribers in the body, allows downloading of a CSV data file with all subscriber data.

Vulnerabilities (CVE)