ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Email Users Plugin <= 4.8.3 - Cross Site Request Forgery

Product
Email Users
Description
Because of this vulnerability, attackers can send arbitrary (bulk) email messages to any address.
Solution
Update the plugin.
Classification
Type Cross Site Request Forgery (CSRF)
OWASP Top 10 A8: Cross Site Request Forgery (CSRF)
References
SecLists
CVE
Name CVE-N/A
Versions
Affected In <= 4.8.3
Fixed In 4.8.4
Disclosure date
2016-08-01
Credits
Julien Rentrop
Submitter
ThreatPress