Vulnerabilities (CVE)

Filtered by vendor Mailpoet Subscribe

Filtered by product Mailpoet Newsletters

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2014-3907	1 Mailpoet	1 Mailpoet Newsletters	2014-08-27	6.8 MEDIUM	N/A
Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users.
CVE-2014-4726	1 Mailpoet	1 Mailpoet Newsletters	2014-07-28	7.5 HIGH	N/A
Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors.
CVE-2014-4725	1 Mailpoet	1 Mailpoet Newsletters	2014-07-28	7.5 HIGH	N/A
The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/themes/mailp/.