Vulnerabilities > Webfwd > Mail Subscribe List
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-16 | CVE-2023-23657 | Cross-site Scripting vulnerability in Webfwd Mail Subscribe List Auth. | 5.4 |
2023-05-02 | CVE-2013-10026 | Cross-site Scripting vulnerability in Webfwd Mail Subscribe List A vulnerability, which was classified as problematic, has been found in Mail Subscribe List Plugin up to 2.0.10 on WordPress. | 6.1 |
2022-06-20 | CVE-2022-1603 | Cross-Site Request Forgery (CSRF) vulnerability in Webfwd Mail Subscribe List The Mail Subscribe List WordPress plugin before 2.1.4 does not have CSRF check in place when deleting subscribed users, which could allow attackers to make a logged in admin perform such action and delete arbitrary users from the subscribed list | 4.3 |