Filtered by vendor Subscribe2 Project
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-4309 | 1 Subscribe2 Project | 1 Subscribe2 | 2023-01-24 | N/A | 3.1 LOW |
| The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowing their email via a CSRF attack. | |||||
| CVE-2014-6604 | 1 Subscribe2 Project | 1 Subscribe2 | 2018-04-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in the Subscribe2 plugin before 10.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ip parameter. | |||||