Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Subscribe2 Project Subscribe
Filtered by product Subscribe2
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4309 1 Subscribe2 Project 1 Subscribe2 2023-01-24 N/A 3.1 LOW
The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowing their email via a CSRF attack.
CVE-2014-6604 1 Subscribe2 Project 1 Subscribe2 2018-04-19 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in the Subscribe2 plugin before 10.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ip parameter.