Mailpoet » Mailpoet Newsletters » 2.5.9.1 for wordpress : Security Vulnerabilities, CVEs,

cpe:2.3:a:mailpoet:mailpoet_newsletters:2.5.9.1:*:*:*:*:wordpress:*:*

CVE-2018-20853

An issue was discovered in the MailPoet Newsletters (aka wysija-newsletters) plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks.
Max CVSS
5.3
EPSS Score
0.08%
Published
2019-11-06
Updated
2020-08-24

CVE-2014-4726

Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors.
Max CVSS
7.5
EPSS Score
0.26%
Published
2014-07-27
Updated
2014-07-28

CVE-2014-4725

The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/themes/mailp/.
Max CVSS
7.5
EPSS Score
38.76%
Published
2014-07-27
Updated
2014-07-28

CVE-2014-3907

Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary users.
Max CVSS
6.8
EPSS Score
0.16%
Published
2014-08-26
Updated
2014-08-27
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close