Email Subscribers & Newsletters < 4.3.1 - Blind SQL Injection

Affects Plugin

fixed in version 4.3.1

References

CVE 2019-20361
URL https://www.wordfence.com/blog/2019/11/multiple-vulnerabilities-patched-in-email-subscribers-newsletters-plugin/

Classification

Type SQLI
OWASP Top 10 A1: Injection
CWE CWE-89

Miscellaneous

Views 3212
Verified No
WPVDB ID 9947

Timeline

Publicly Published 2019-11-13 (2 months ago)
Added 2019-11-13 (2 months ago)
Last Updated 2020-01-09 (8 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin