cbcvebase.

Kiboko Labs Https Calendarscripts.Info Arigato Autoresponder And Newsletter vulnerabilities

10 known vulnerabilities affecting kiboko_labs_https/calendarscripts.info_arigato_autoresponder_and_newsletter.

Total CVEs
10
CISA KEV
0
Public exploits
10
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM9

Vulnerabilities

Page 1 of 1
CVE-2018-1002000P3HIGHCVSS 7.2PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002000 [HIGH] CWE-89 CVE-2018-1002000: There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulner There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.
nvd
CVE-2018-1002005P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002005 [MEDIUM] CWE-79 CVE-2018-1002005: These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
nvd
CVE-2018-1002001P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002001 [MEDIUM] CWE-79 CVE-2018-1002001: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 T There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
nvd
CVE-2018-1002003P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002003 [MEDIUM] CWE-79 CVE-2018-1002003: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 T There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
nvd
CVE-2018-1002004P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002004 [MEDIUM] CWE-79 CVE-2018-1002004: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 T There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
nvd
CVE-2018-1002002P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002002 [MEDIUM] CWE-79 CVE-2018-1002002: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 T There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
nvd
CVE-2018-1002007P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002007 [MEDIUM] CWE-79 CVE-2018-1002007: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 T There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.
nvd
CVE-2018-1002006P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002006 [MEDIUM] CWE-79 CVE-2018-1002006: These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes
nvd
CVE-2018-1002009P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002009 [MEDIUM] CWE-79 CVE-2018-1002009: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 T There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.
nvd
CVE-2018-1002008P4MEDIUMCVSS 4.8PoC≥ unspecified, ≤ 2.5.1.82018-12-03
CVE-2018-1002008 [MEDIUM] CWE-79 CVE-2018-1002008: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 T There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable.
nvd
Kiboko Labs Https Calendarscripts.Info Arigato Autoresponder And Newsletter vulnerabilities | cvebase