CVE-2018-1002000
N/A
N/A
Summary
There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter | unspecified <= 2.5.1.8 | affected |
Weaknesses
- Blind SQL injection in WordPress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
ADP Enrichment
CVE Program Container
Additional References
- https://www.exploit-db.com/exploits/45434/
- https://wordpress.org/plugins/bft-autoresponder/
- http://www.vapidlabs.com/advisory.php?v=203
References
- https://www.exploit-db.com/exploits/45434/
- https://wordpress.org/plugins/bft-autoresponder/
- http://www.vapidlabs.com/advisory.php?v=203
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.