Wordpress MailUp Plugin Multiple Vulnerabilities Network Vulnerability

Summary

This host is installed with Wordpress MailUp Plugin and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow remote attackers to execute arbitary HTML or web script via unspecified vectors in a user's browser session in context of an affected site and disclose sensitive information. Impact Level: Application

Solution

Upgrade Wordpress MailUp Plugin 1.3.2 or later, For updates refer to http://wordpress.org/extend/plugins/wp-mailup

Insight

Not properly restrict access to unspecified Ajax functions in ajax.functions.php

Affected

Wordpress MailUp Plugin version 1.3.1 and prior

References

http://osvdb.org/91274
http://secunia.com/advisories/51917
http://wordpress.org/extend/plugins/wp-mailup/changelog

Updated on 2017-03-28

Severity

Classification

CVE CVE-2013-2640
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Advantech WebAccess Multiple Stack Based Buffer Overflow Vulnerabilities
Advanced Image Hosting Cross Site Scripting Vulnerability
Apache Tomcat source.jsp malformed request information disclosure
Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
/doc directory browsable ?

Take action and discover your vulnerabilities