CVE-2019-19981

Published: Dec 26, 2019

Modified: Aug 5, 2024

PUBLISHED

CVSS v3.0

5.4

MEDIUM

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin settings.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

CVSS v3.0 Vector

CVSS:3.0/AC:L/AV:N/A:L/C:N/I:L/PR:N/S:U/UI:R

Attack Complexity

Low

Attack Vector

Network

Availability

Low

Confidentiality

None

Integrity

Low

Privileges Required

None

Scope

Unchanged

User Interaction

Required

x_refsource_MISC

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.