Search criteria
10 vulnerabilities by Kiboko Labs https://calendarscripts.info/
CVE-2018-1002004 (GCVE-0-2018-1002004)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Severity ?
No CVSS data available.
CWE
- reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:56.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002004",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002004",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:56.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002002 (GCVE-0-2018-1002002)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Severity ?
No CVSS data available.
CWE
- Reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002002",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002002",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002007 (GCVE-0-2018-1002007)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.
Severity ?
No CVSS data available.
CWE
- reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002007",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002007",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002008 (GCVE-0-2018-1002008)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable.
Severity ?
No CVSS data available.
CWE
- reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002008",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002008",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002003 (GCVE-0-2018-1002003)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Severity ?
No CVSS data available.
CWE
- reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002003",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002003",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002001 (GCVE-0-2018-1002001)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Severity ?
No CVSS data available.
CWE
- reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002001",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002001",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002006 (GCVE-0-2018-1002006)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes
Severity ?
No CVSS data available.
CWE
- Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002006",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002006",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002005 (GCVE-0-2018-1002005)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
Severity ?
No CVSS data available.
CWE
- Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002005",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002005",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002009 (GCVE-0-2018-1002009)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.
Severity ?
No CVSS data available.
CWE
- reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002009",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "reflected XSS vulnerability in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002009",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1002000 (GCVE-0-2018-1002000)
Vulnerability from cvelistv5 – Published: 2018-12-03 16:00 – Updated: 2024-08-05 12:47
VLAI?
Summary
There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.
Severity ?
No CVSS data available.
CWE
- Blind SQL injection in WordPress Plugin Arigato Autoresponder and Newsletter v2.5.1.8
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter |
Affected:
unspecified , ≤ 2.5.1.8
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:47:57.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arigato Autoresponder and Newsletter",
"vendor": "Kiboko Labs https://calendarscripts.info/",
"versions": [
{
"lessThanOrEqual": "2.5.1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2018-08-22T00:00:00",
"datePublic": "2018-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Blind SQL injection in WordPress Plugin Arigato Autoresponder and Newsletter v2.5.1.8",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-04T10:57:01",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"name": "45434",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2018-08-22",
"ID": "CVE-2018-1002000",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arigato Autoresponder and Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.5.1.8"
}
]
}
}
]
},
"vendor_name": "Kiboko Labs https://calendarscripts.info/"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Blind SQL injection in WordPress Plugin Arigato Autoresponder and Newsletter v2.5.1.8"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45434",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45434/"
},
{
"name": "https://wordpress.org/plugins/bft-autoresponder/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/bft-autoresponder/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=203",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2018-1002000",
"datePublished": "2018-12-03T16:00:00",
"dateReserved": "2018-12-03T00:00:00",
"dateUpdated": "2024-08-05T12:47:57.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}