Export limit exceeded: 21187 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366508 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366508 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20090 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2107 | 1 Mail On Update Project | 1 Mail On Update | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Mail On Update plugin before 5.2.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change the "List of alternative recipients" via the mailonupdate_mailto parameter in the mail-on-update page to wp-admin/options-general.php. NOTE: a third party claims that 5.2.1 and 5.2.2 are also vulnerable, but the issue might require a separate CVE identifier since this might reflect an incomplete fix. | ||||
Page 1 of 1.