The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote malicious users to execute arbitrary code via PHP code in attachments[] data to models/attachment.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kibokolabs arigato autoresponder and newsletter 2.5.1.7 |