CVE-2019-19980

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a privilege bypass flaw that allowed authenticated users (Subscriber or greater access) to send test emails from the administrative dashboard on behalf of an administrator. This occurs because the plugin registers a wp_ajax function to send_test_email.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:icegram:email_subscribers_\&_newsletters:*:*:*:*:*:wordpress:*:*

Information

Published : 2019-12-25 19:15

Updated : 2020-08-24 10:37


NVD link : CVE-2019-19980

Mitre link : CVE-2019-19980


JSON object : View

Advertisement

dedicated server usa

Products Affected

icegram

  • email_subscribers_\&_newsletters