CVE-2018-1002009: xss vulnerability in Newsletter Autoresponder Kibokolabs Arigato | Exploit info

Security researchers have identified a new vulnerability, and in this post, we take a closer look at CVE-2018-1002009. Below you can take a look if any exploits are available and if they have been published in the exploit database.

Common Vulnerabilities and Exposures is a rundown of sections-each containing a recognizable proof number, a portrayal, and no less than one open reference-for freely known cybersecurity vulnerabilities. CVE Entries are utilized in various cybersecurity items and administrations from around the globe.

About CVE-2018-1002009

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.

Additional References

  • http://www.vapidlabs.com/advisory.php?v=203
  • https://wordpress.org/plugins/bft-autoresponder/