Filtered by vendor Sola-newsletters Project
Subscribe
Filtered by product Sola-newsletters
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-34634 | 1 Sola-newsletters Project | 1 Sola-newsletters | 2021-08-12 | 6.8 MEDIUM | 8.8 HIGH |
The Nifty Newsletters WordPress plugin is vulnerable to Cross-Site Request Forgery via the sola_nl_wp_head function found in the ~/sola-newsletters.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.23. |