7.5
CVSSv2

CVE-2019-20361

Published: 08/01/2020 Updated: 27/07/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

There was a flaw in the WordPress plugin, Email Subscribers & Newsletters prior to 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

icegram email subscribers \\& newsletters

Mailing Lists

WordPress Email Subscribers and Newsletters plugin version 422 suffers from a remote SQL injection vulnerability ...

Github Repositories

CVE-2019-20361-EXPLOIT There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 431, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability) This script is a "sanized-version" of original script avalible on exploit-dbcom created by @KBA@SOGETI_ESEC ,the original version wa