Mndpsingh287 Newsletter_popup

4 CVEs affecting Mndpsingh287 Newsletter_popup. Latest disclosed: 2024-05-16. Critical: 0, High: 1.

Top CVEs affecting Mndpsingh287 Newsletter_popup
CVESeverityScorePublishedSummary
CVE-2024-3643High8.82024-05-16The Newsletter Popup WordPress plugin through 1.2 does not have CSRF check when deleting list, which could allow attackers to make logged in admins perform suc…
CVE-2024-3642Medium6.92024-05-16The Newsletter Popup WordPress plugin through 1.2 does not have CSRF check when deleting subscriber, which could allow attackers to make logged in admins perfo…
CVE-2024-3641Medium6.12024-05-16The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some parameters, which could allow unauthenticated visitors to perform Cross-Sit…
CVE-2024-3644Medium4.82024-05-16The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to pe…