The Subscribe2 plugin for WordPress, up to version 10.40, has a security vulnerability that allows authors on the site to send emails with any content or attachments to registered users without being properly authorized. This means that the emails could have harmful content or malicious attachments.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
