Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
campaign vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2013-3264
The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress does not properly restrict access to (1) list/edit.php and (2) campaign/editCampaign.php, which allows remote malicious users to modify list or campaign data.
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.1
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.2
Smackcoders Wp Ultimate Email Marketer Plugin
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.0
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.3
3.5
CVSSv2
CVE-2020-36398
A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and below allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the "Campaign" field under the "Send a campaign" module.
Phplist Phplist
NA
CVE-2024-2211
Cross-Site Scripting stored vulnerability in Gophish affecting version 0.12.1. This vulnerability could allow an malicious user to store a malicious JavaScript payload in the campaign menu and trigger the payload when the campaign is removed from the menu.
NA
CVE-2023-0772
The Popup Builder by OptinMonster WordPress plugin prior to 2.12.2 does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or eve...
Optinmonster Optinmonster
NA
CVE-2022-36340
Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at WordPress.
Mailoptin Mailoptin
4.3
CVSSv2
CVE-2012-4484
Cross-site scripting (XSS) vulnerability in the administrative interface in the Campaign Monitor module prior to 6.x-2.5 for Drupal allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: this refers to an issue in an independently deve...
Trexart Campaignmonitor
Trexart Campaignmonitor 6.x-1.1
Trexart Campaignmonitor 6.x-1.x-dev
Trexart Campaignmonitor 6.x-2.1
Trexart Campaignmonitor 6.x-2.2
Trexart Campaignmonitor 6.x-2.3
Trexart Campaignmonitor 6.x-2.x
NA
CVE-2023-37501
A Persistent XSS vulnerability can be carried out in a certain field of Unica Campaign. An attacker could hijack a user's session and perform other attacks.
Hcltech Unica
6.5
CVSSv2
CVE-2017-6571
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign.php with the GET Parameter: id.
Mail-masta Project Mail-masta 1.0
6.4
CVSSv2
CVE-2013-0382
Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Campaign Management.
Oracle E-business Suite 12.0.6
Oracle E-business Suite 12.1.1
Oracle E-business Suite 11.5.10.2
Oracle E-business Suite 12.1.2
Oracle E-business Suite 12.1.3
5
CVSSv2
CVE-2015-0844
The WML/Lua API in Battle for Wesnoth 1.7.x up to and including 1.11.x and 1.12.x prior to 1.12.2 allows remote malicious users to read arbitrary files via a crafted (1) campaign or (2) map file.
Wesnoth Battle For Wesnoth 1.11.1
Wesnoth Battle For Wesnoth 1.11.3
Wesnoth Battle For Wesnoth 1.7.5
Wesnoth Battle For Wesnoth 1.7.11-1.8
Wesnoth Battle For Wesnoth 1.11.12
Wesnoth Battle For Wesnoth 1.7.14-1.8
Wesnoth Battle For Wesnoth 1.9.3
Wesnoth Battle For Wesnoth 1.9.12
Wesnoth Battle For Wesnoth 1.12.0
Wesnoth Battle For Wesnoth 1.11.11
Wesnoth Battle For Wesnoth 1.11.13
Wesnoth Battle For Wesnoth 1.8.0
Wesnoth Battle For Wesnoth 1.9.0
Wesnoth Battle For Wesnoth 1.11.17
Wesnoth Battle For Wesnoth 1.11.5
Wesnoth Battle For Wesnoth 1.9.13
Wesnoth Battle For Wesnoth 1.9.7
Wesnoth Battle For Wesnoth 1.9.9
Wesnoth Battle For Wesnoth 1.11.6
Wesnoth Battle For Wesnoth 1.11.18
Wesnoth Battle For Wesnoth 1.7.4
Wesnoth Battle For Wesnoth 1.9.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »