WordPress Plugin Vulnerabilities

MailPoet Newsletters 2.6.10 - Unspecified CSRF

Description

The MailPoet Newsletters (Previous) WordPress plugin was affected by an Unspecified CSRF security vulnerability.

Affects Plugins

Plugin icon
wysija-newsletters
Fixed in 2.6.11

References

CVE
CVE-2014-3907

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
aa1c595e-3d1a-4b49-b158-2ae63b4f6ba0

Timeline

Publicly Published
2014-09-21 (about 11 years ago)
Added
2014-09-21 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-09-02
Title
Floating Window Music Player <= 3.4.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2026-02-08
Title
Photo Gallery by 10Web < 1.8.38 - Cross-Site Request Forgery
Published
2024-11-22
Title
Silverlight Video Player <= 1.0 - Cross-Site Request Forgery
Published
2024-05-09
Title
Church Admin < 4.2.0 - Cross-Site Request Forgery
Published
2019-04-01
Title
Ultimate Member < 2.0.40 - Cross-Site Request Forgery (CSRF)