Vulnerabilities and security researches forbft-autoresponder bft-autoresponder

Direction: descending

Apr 19, 2025

Arigato Autoresponder and Newsletter # CVE-2025-39594

CVE, Research URL: CVE-2025-39594
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Apr 17, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Arigato Autoresponder and Newsletter allows Reflected XSS. This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.4.
Affected versions: Min -, max -.
Status: vulnerable

Jun 07, 2024

Arigato Autoresponder and Newsletter # CVE-2018-1002003

CVE, Research URL: CVE-2018-1002003
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002005

CVE, Research URL: CVE-2018-1002005
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002006

CVE, Research URL: CVE-2018-1002006
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002007

CVE, Research URL: CVE-2018-1002007
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002001

CVE, Research URL: CVE-2018-1002001
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002000

CVE, Research URL: CVE-2018-1002000
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002004

CVE, Research URL: CVE-2018-1002004
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002002

CVE, Research URL: CVE-2018-1002002
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002009

CVE, Research URL: CVE-2018-1002009
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-1002008

CVE, Research URL: CVE-2018-1002008
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Dec 03, 2018
Research Description: There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2024-34823

CVE, Research URL: CVE-2024-34823
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: May 14, 2024
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter.This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.3.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2018-18461

CVE, Research URL: CVE-2018-18461
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Oct 18, 2018
Research Description: The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2023-25061

CVE, Research URL: CVE-2023-25061
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Apr 07, 2023
Research Description: Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2023-25031

CVE, Research URL: CVE-2023-25031
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Apr 07, 2023
Research Description: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1 versions.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2023-47686

CVE, Research URL: CVE-2023-47686
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Nov 17, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 versions.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2023-0543

CVE, Research URL: CVE-2023-0543
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Feb 27, 2023
Research Description: The Arigato Autoresponder and Newsletter WordPress plugin before 2.1.7.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Affected versions: Min -, max -.
Status: vulnerable

Arigato Autoresponder and Newsletter # CVE-2023-25020

CVE, Research URL: CVE-2023-25020
Home page URL: Security reports for Arigato Autoresponder and Newsletter
Application: Arigato Autoresponder and Newsletter
Date: Apr 07, 2023
Research Description: Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.
Affected versions: Min -, max -.
Status: vulnerable