CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1002000

There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.086

EPSS Ranking 92.0%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

http://www.vapidlabs.com/advisory.php?v=203
https://wordpress.org/plugins/bft-autoresponder/
https://www.exploit-db.com/exploits/45434/
http://www.vapidlabs.com/advisory.php?v=203
https://wordpress.org/plugins/bft-autoresponder/
https://www.exploit-db.com/exploits/45434/

Products affected by CVE-2018-1002000

Kibokolabs » Arigato Autoresponder And Newsletter » Version: 2.5.1.8

cpe:2.3:a:kibokolabs:arigato_autoresponder_and_newsletter:2.5.1.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1002000

Products

Pricing

Contact Us