Mailpoet » Mailpoet Newsletters » 2.1.7 for wordpress : Security Vulnerabilities, CVEs,
An issue was discovered in the MailPoet Newsletters (aka wysija-newsletters) plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks.
Max CVSS
5.3
EPSS Score
0.08%
Published
2019-11-06
Updated
2020-08-24
Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors.
Max CVSS
7.5
EPSS Score
0.26%
Published
2014-07-27
Updated
2014-07-28
The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/themes/mailp/.
Max CVSS
7.5
EPSS Score
31.44%
Published
2014-07-27
Updated
2014-07-28
Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users.
Max CVSS
6.8
EPSS Score
0.16%
Published
2014-08-26
Updated
2014-08-27
4 vulnerabilities found