First published: Mon Dec 03 2018(Updated: )
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Credit: larry0@me.com
Affected Software | Affected Version | How to fix |
---|---|---|
Kibokolabs Arigato Autoresponder And Newsletter | =2.5.1.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this WordPress Arigato Autoresponder and News letter vulnerability is CVE-2018-1002001.
The severity of CVE-2018-1002001 is medium.
Yes, administrative privileges are required to exploit CVE-2018-1002001.
To fix the vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8, update the plugin to a version that does not have the vulnerability or apply a patch provided by the plugin developer.
You can find more information about the WordPress Arigato Autoresponder and News letter vulnerability at the following references: [1](http://www.vapidlabs.com/advisory.php?v=203), [2](https://wordpress.org/plugins/bft-autoresponder/), [3](https://www.exploit-db.com/exploits/45434/).