Log out
Get PRO

Latest

Access violation vulnerability in Subscribe2 – Form, Email Subscribers & Newsletters 10.40

  • Severity: medium-risk
  • Status: Fixed
  • Publication: June 26, 2023

The Subscribe2 plugin for WordPress, which is used to send emails to site users, is vulnerable to unauthorized access in versions up to and including 10.40. This means that users with the author role are able to send emails with any content and attachments to other site users without needing permission.

Detected in:

Subscribe2 – Form, Email Subscribers & Newsletters fixed vulnerable versions: >= * <= 10.40

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.