Critical severity9.8NVD Advisory· Published Jan 8, 2020· Updated Jun 17, 2026
CVE-2019-20361
CVE-2019-20361
Description
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Email Subscribers & Newslettersdescription
- Range: <4.3.1
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/158568/WordPress-Email-Subscribers-And-Newsletters-4.2.2-SQL-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.wordfence.com/blog/2019/11/multiple-vulnerabilities-patched-in-email-subscribers-newsletters-plugin/nvdExploitThird Party Advisory
- wpvulndb.com/vulnerabilities/9947nvdThird Party Advisory
News mentions
0No linked articles in our index yet.