MailPoet Newsletters (Previous) — Plugin Vulnerabilities

N/A Closed

< 2.7

MailPoet Newsletters <= 2.6.19 - Unauthenticated Reflected Cross-Site Scripting (XSS)

WPScan

N/A Closed

< 2.7.3

MailPoet Newsletters <= 2.7.2 - Authenticated Reflected Cross-Site Scripting (XSS)

WPScan

N/A Closed

< 2.7.3

MailPoet Newsletters <= 2.7.2 - SQL Injection

WPScan

N/A Closed

< 2.1.7

Wysija Newsletters - swfupload Cross-Site Scripting

WPScan

N/A Closed

2012-11-22< 2.1.7

MailPoet Newsletters (Previous) <= 2.1.6 - Cross-Site Scripting

Wordfence

N/A Closed

2013-07-19< 2.1.7

CVE-2012-3414

CVE Wordfence

N/A Closed

2016-02-02< 2.7

MailPoet Newsletters <= 2.6.19 - Reflected Cross-Site Scripting

Wordfence

N/A Closed

2016-09-10< 2.7.3

MailPoet Newsletters <= 2.7.2 - Reflected Cross-Site Scripting

Wordfence

N/A Closed

2016-09-11< 2.7.3

MailPoet Newsletters <= 2.7.2 - SQL Injection

Wordfence

N/A Closed

2013-02-06< 2.3

WordPress Wysija Newsletters Plugin - Multiple SQL Injection Vulnerabilities

Patchstack

N/A Closed

2015-05-15< 2.1.7

WordPress Wysija Newsletters Plugin <= 2.1.6 - Cross Site Scripting

Patchstack

N/A Closed

2016-02-02< 2.7

WordPress MailPoet Newsletters Plugin <= 2.6.19 - Cross Site Scripting

Patchstack

N/A Closed

2016-09-11< 2.7.3

WordPress MailPoet Newsletters Plugin <= 2.7.2 - SQL Injection

Patchstack

N/A Closed

2016-09-11< 2.7.3

WordPress MailPoet Newsletters Plugin <= 2.7.2 - Reflected Cross Site Scripting

Patchstack

N/A Closed

2014-03-24< 2.2.1

CVE-2013-1408

CVE Wordfence WPScan

N/A Closed

2014-09-21< 2.6.8

MailPoet Newsletters <= 2.6.7 - Authorization Bypass

Wordfence CVE Patchstack WPScan

N/A Closed

2014-08-01< 2.6.7

MailPoet Newsletters <= 2.6.6 - Arbitrary File Upload

Wordfence CVE Patchstack WPScan

N/A Closed

2014-09-21< 2.6.11

MailPoet Newsletters (Previous) <= 2.6.10 - Cross-Site Request Forgery

Wordfence CVE JVN Patchstack WPScan

Medium 5.3 Closed

2019-11-06< 2.8.2

CVE-2018-20853

CVE Wordfence WPScan