CVE-2018-1002000

Summary

There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.

Affected Software

VendorProductVersion RangeStatus
Kiboko Labs https://calendarscripts.info/Arigato Autoresponder and Newsletterunspecified <= 2.5.1.8affected

Weaknesses

  • Blind SQL injection in WordPress Plugin Arigato Autoresponder and Newsletter v2.5.1.8

ADP Enrichment

CVE Program Container

Additional References

References