Published: 26/12/2019 Updated: 26/04/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The WordPress plugin, Email Subscribers & Newsletters, prior to 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure.

Vulnerable Product	Search on Vulmon	Subscribe to Product
icegram email subscribers \\& newsletters

Check Point Reference: CPAI-2019-3141 Date Published: 31 Jan 2024 Severity: Medium ...

WordPress Email Subscribers and Newsletters plugin versions 422 and below suffer from a file download vulnerability ...

Random Wordpres Exploits May or May Not Work.

wordpress-exploits Random Wordpress Exploits May or May Not Work CVE-2019-19985 Info Description: Unauthenticated File Download w/ Information Disclosure CVE ID: CVE-2019-19985 CVSS v30 Score: 58 (Medium) CVSS Vector String: CVSS:30/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N Affected Plugin: Email Subscribers & Newsletters Plugin Slug: email-subscribers Affected Versions:

CWE-862 https://wpvulndb.com/vulnerabilities/9946 https://www.wordfence.com/blog/2019/11/multiple-vulnerabilities-patched-in-email-subscribers-newsletters-plugin/http://packetstormsecurity.com/files/158563/WordPress-Email-Subscribers-And-Newsletters-4.2.2-File-Disclosure.html https://nvd.nist.gov https://github.com/RandomRobbieBF/wordpress-exploits https://packetstormsecurity.com/files/158563/WordPress-Email-Subscribers-And-Newsletters-4.2.2-File-Disclosure.html https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2019-3141.html

CVE-2019-19985

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect