CVE-2019-19980

CVE-2019-19980

The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a privilege bypass flaw that allowed authenticated users (Subscriber or greater access) to send test emails from the administrative dashboard on behalf of an administrator. This occurs because the plugin registers a wp_ajax function to send_test_email.

Source: CVE-2019-19980

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다