VYPR

Arigato Autoresponder

by WordPress

CVEs (7)

  • CVE-2018-18461CriOct 18, 2018
    risk 0.64cvss 9.8epss 0.04

    The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php.

  • CVE-2018-1002008MedDec 3, 2018
    risk 0.34cvss 4.8epss 0.03

    There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable.

  • CVE-2018-1002007MedDec 3, 2018
    risk 0.34cvss 4.8epss 0.03

    There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.

  • CVE-2018-1002006MedDec 3, 2018
    risk 0.34cvss 4.8epss 0.03

    These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes

  • CVE-2018-1002005MedDec 3, 2018
    risk 0.34cvss 4.8epss 0.03

    These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.

  • CVE-2018-1002002MedDec 3, 2018
    risk 0.34cvss 4.8epss 0.03

    There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.

  • CVE-2018-1002001MedDec 3, 2018
    risk 0.34cvss 4.8epss 0.03

    There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.