Exploit WordPress Arigato Autoresponder and Newsletter v2.5.1.8

TheĀ Arigato Autoresponder and Newsletter by Kiboko Labs plugin allows scheduling of automated autoresponder messages and newsletters, and managing a mailing list. You can add/edit/delete and import/export members. There is also a registration form which can be placed in any website or blog. You can schedule unlimited number of email messages. Messages can be sent on defined number of days after user registration, or on a fixed date.

9 cross site script (XSS) exploits and a blind SQL injection vulnerability were found in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.

Related Posts

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.