First published: Mon Dec 03 2018(Updated: )
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Credit: larry0@me.com
Affected Software | Affected Version | How to fix |
---|---|---|
Kibokolabs Arigato Autoresponder And Newsletter | =2.5.1.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-1002002 is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8.
CVE-2018-1002002 requires administrative privileges to exploit.
CVE-2018-1002002 has a severity keyword of 'medium' and a severity value of 4.8.
To fix CVE-2018-1002002, update WordPress Arigato Autoresponder and Newsletter to a version that does not have this vulnerability.
You can find more information about CVE-2018-1002002 at the following references: [http://www.vapidlabs.com/advisory.php?v=203](http://www.vapidlabs.com/advisory.php?v=203), [https://wordpress.org/plugins/bft-autoresponder/](https://wordpress.org/plugins/bft-autoresponder/), [https://www.exploit-db.com/exploits/45434/](https://www.exploit-db.com/exploits/45434/).