3.5
CVSSv2

CVE-2019-14787

Published: 09/08/2019 Updated: 22/08/2019
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

The Tribulant Newsletters plugin prior to 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter.

Vulnerability Trend

Affected Products

Vendor Product Versions
TribulantNewsletters-, 4.6.6, 4.6.6.1, 4.6.6.2, 4.6.7, 4.6.7.1, 4.6.8, 4.6.8.2, 4.6.8.5, 4.6.8.6, 4.6.9, 4.6.10.2, 4.6.11, 4.6.12, 4.6.13