Kibokolabs - Arigato Autoresponder And Newsletter CVE

Filtered by vendor Kibokolabs Subscriptions

Filtered by product Arigato Autoresponder And Newsletter Subscriptions

Total 16 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-47686	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-12	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 versions.
CVE-2018-1002007	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.
CVE-2018-1002005	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
CVE-2018-1002002	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
CVE-2018-1002006	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes
CVE-2018-1002003	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
CVE-2018-1002009	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.
CVE-2018-1002001	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
CVE-2018-1002000	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.
CVE-2018-1002008	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable.
CVE-2018-1002004	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
CVE-2018-18461	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-05	N/A
The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php.
CVE-2023-25061	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-02	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.
CVE-2023-25031	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-02	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1 versions.
CVE-2023-25020	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-02	7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.
CVE-2023-0543	1 Kibokolabs	1 Arigato Autoresponder And Newsletter	2024-08-02	4.8 Medium
The Arigato Autoresponder and Newsletter WordPress plugin before 2.1.7.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Page 1 of 1.