WordPress Plugin Vulnerabilities

GoDaddy Email Marketing <= 1.1.3 - Cross-Site Request Forgery (CSRF)

Description

The GoDaddy Email Marketing WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

Plugin icon
godaddy-email-marketing-sign-up-forms
Fixed in 1.1.4

References

CVE
CVE-2016-10903
URL
https://www.pluginvulnerabilities.com/2016/10/27/cross-site-request-forgery-csrf-vulnerability-in-godaddy-email-marketing/

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
8.8 (high)

Miscellaneous

Submitter
Claude Godlewski
Verified
No
WPVDB ID
c9d0e92e-d485-40e7-9b9a-fa1c9dea38ee

Timeline

Publicly Published
2016-10-27 (about 9 years ago)
Added
2016-11-02 (about 9 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2024-06-06
Title
ElasticPress < 5.1.2 - Data Sync via CSRF
Published
2026-01-30
Title
Popup Box < 6.1.2 - Cross-Site Request Forgery to Popup Status Change
Published
2024-07-15
Title
Himer - Social Questions and Answers < 2.1.3 - CSRF While Sending the Invites
Published
2025-04-04
Title
Sequential Order Numbers for WooCommerce < 3.6.3 - Cross-Site Request Forgery
Published
2022-02-16
Title
WP Content Copy Protection & No Right Click < 3.4.5 - Settings Update via CSRF