Skip to main content
CVE-2014-4725 HIGH POC PATCH THREAT Act Now

The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 81.8%.

WordPress PHP Authentication Bypass Mailpoet Newsletters
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
81.8%
Threat
5.5
CVE-2014-4726 HIGH PATCH This Week

Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

WordPress Information Disclosure Mailpoet Newsletters
NVD
CVSS 2.0
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy