Mail Masta Project
Products
1- 14 CVEs
Recent CVEs
14| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-6095 | Cri | 0.67 | 9.8 | 0.06 | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id. | ||
| CVE-2017-6098 | Hig | 0.50 | 7.2 | 0.05 | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id. | ||
| CVE-2017-6097 | Hig | 0.50 | 7.2 | 0.05 | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id. | ||
| CVE-2017-6096 | Hig | 0.50 | 7.2 | 0.05 | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list. | ||
| CVE-2017-6578 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: subscriber_email. | ||
| CVE-2017-6577 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id. | ||
| CVE-2017-6576 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id. | ||
| CVE-2017-6575 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: member_id. | ||
| CVE-2017-6574 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: filter_list. | ||
| CVE-2017-6573 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id. | ||
| CVE-2017-6572 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list. | ||
| CVE-2017-6571 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign.php with the GET Parameter: id. | ||
| CVE-2017-6570 | Hig | 0.47 | 7.2 | 0.02 | Mar 9, 2017 | A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id. | ||
| CVE-2016-10956 | 0.07 | — | 0.11 | Sep 16, 2019 | The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php. |
- risk 0.67cvss 9.8epss 0.06
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.
- risk 0.50cvss 7.2epss 0.05
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id.
- risk 0.50cvss 7.2epss 0.05
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id.
- risk 0.50cvss 7.2epss 0.05
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: subscriber_email.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: member_id.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: filter_list.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign.php with the GET Parameter: id.
- risk 0.47cvss 7.2epss 0.02
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id.
- CVE-2016-10956Sep 16, 2019risk 0.07cvss —epss 0.11
The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.