CVE-2019-19981

MEDIUM WAF: Low
CVSS 5.4 Published: 2019-12-26
CWE-352

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin settings.

WAF Coverage Analysis

Cross-Site Request Forgery (CSRF) Low WAF Coverage

OWASP: A01:2021 Broken Access Control

Affected Software

VendorProductVersion
icegramemail_subscribers_\&_newslettersup to 4.2.3

References

Back to CVE Database