Vulnerabilities > Kibokolabs

DATE CVE VULNERABILITY TITLE RISK
2018-12-03 CVE-2018-1002002 Cross-site Scripting vulnerability in Kibokolabs Arigato Autoresponder and Newsletter 2.5.1.8
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
network
low complexity
kibokolabs CWE-79
4.8
2018-12-03 CVE-2018-1002001 Cross-site Scripting vulnerability in Kibokolabs Arigato Autoresponder and Newsletter 2.5.1.8
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
network
low complexity
kibokolabs CWE-79
4.8
2018-12-03 CVE-2018-1002000 SQL Injection vulnerability in Kibokolabs Arigato Autoresponder and Newsletter 2.5.1.8
There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit.
network
low complexity
kibokolabs CWE-89
7.2
2018-10-18 CVE-2018-18461 Code Injection vulnerability in Kibokolabs Arigato Autoresponder and Newsletter 2.5.1.7
The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php.
network
low complexity
kibokolabs CWE-94
critical
9.8