VYPR

Mail Masta

by Mail Masta Project

Source repositories

CVEs (14)

  • CVE-2017-6095CriFeb 21, 2017
    risk 0.67cvss 9.8epss 0.06

    A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.

  • CVE-2017-6098HigFeb 21, 2017
    risk 0.50cvss 7.2epss 0.05

    A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id.

  • CVE-2017-6097HigFeb 21, 2017
    risk 0.50cvss 7.2epss 0.05

    A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id.

  • CVE-2017-6096HigFeb 21, 2017
    risk 0.50cvss 7.2epss 0.05

    A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.

  • CVE-2017-6578HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: subscriber_email.

  • CVE-2017-6577HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id.

  • CVE-2017-6576HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id.

  • CVE-2017-6575HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: member_id.

  • CVE-2017-6574HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: filter_list.

  • CVE-2017-6573HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id.

  • CVE-2017-6572HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list.

  • CVE-2017-6571HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign.php with the GET Parameter: id.

  • CVE-2017-6570HigMar 9, 2017
    risk 0.47cvss 7.2epss 0.02

    A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id.

  • CVE-2016-10956Sep 16, 2019
    risk 0.07cvss epss 0.11

    The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.