Skip to main content

Mailpoet Newsletters

3 CVEs product

Monthly

CVE-2014-3907 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF WordPress Mailpoet Newsletters
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-4726 HIGH PATCH This Week

Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

WordPress Information Disclosure Mailpoet Newsletters
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-4725 HIGH POC PATCH THREAT Act Now

The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 81.8%.

WordPress PHP Authentication Bypass Mailpoet Newsletters
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
81.8%
Threat
5.5
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF WordPress Mailpoet Newsletters
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

WordPress Information Disclosure Mailpoet Newsletters
NVD
EPSS 82% 5.5 CVSS 7.5
HIGH POC PATCH THREAT Act Now

The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 81.8%.

WordPress PHP Authentication Bypass +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy