WordPress Plugin Vulnerabilities

Plugin Newsletter 1.5 - Remote File Disclosure

Description

The plugin-newsletter WordPress plugin was affected by a Remote File Disclosure security vulnerability.

Affects Plugins

Plugin icon
plugin-newsletter
No known fix

References

CVE
CVE-2012-3588
Exploitdb
19018
URL
https://packetstormsecurity.com/files/#113413/

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Verified
No
WPVDB ID
5cb11e7b-7518-48a5-976f-01db0b8d9e6f

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2023-09-22
Title
Migration, Backup, Staging – WPvivid < 0.9.90 - Admin+ Arbitrary Directory Deletion via Path Traversal
Published
2026-05-04
Title
EmailKit < 1.6.6 - Authenticated (Author+) Arbitrary File Read via 'emailkit-editor-template' REST Parameter
Published
2014-08-01
Title
WP Online Store 1.3.1 - index.php slug Parameter Traversal Local File Inclusion
Published
2025-01-06
Title
MIPL WC Multisite Sync < 1.1.6 - Unauthenticated Arbitrary File Download
Published
2014-08-01
Title
Payment Gateways Caller for WP e-Commerce 0.1.0 - load_merchant Parameter Traversal Local file Inclusion