Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 via Unsubscribe Page

Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 via Unsubscribe Page

CVE-2018-1002009 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.

Learn more about our Wordpress Pen Testing.