Vulnerabilities > Kibokolabs > Arigato Autoresponder AND Newsletter > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-16	CVE-2023-47686	Cross-Site Request Forgery (CSRF) vulnerability in Kibokolabs Arigato Autoresponder and Newsletter Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 versions. network low complexity kibokolabs CWE-352	8.8
2018-10-18	CVE-2018-18461	Code Injection vulnerability in Kibokolabs Arigato Autoresponder and Newsletter 2.5.1.7 The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php. network low complexity kibokolabs CWE-94	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.