cleantalk
Vulnerabilities and Security Researches

LetterPress – Elevate Your WordPress Site's E-Mail Campaigns and Marketing, CVE-2024-3590

CVE, Research URL

CVE-2024-3590

Home page URL

Security reports for LetterPress – Elevate Your WordPress Site's E-Mail Campaigns and Marketing

Application

LetterPress – Elevate Your WordPress Site's E-Mail Campaigns and Marketing

Published on
May 14, 2024
Research Description
The LetterPress WordPress plugin through 1.2.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as delete arbitrary subscribers
Affected versions
Min -, max 1.2.2.
Status
vulnerable
Previous vulnerability researches
LetterPress – Elevate Your WordPress Site's E-Mail Campaigns and Marketing (CVE-2024-3590) , Jun 07, 2024
LetterPress – Elevate Your WordPress Site's E-Mail Campaigns and Marketing (CVE-2023-27415) , Jun 07, 2024
LetterPress – Elevate Your WordPress Site's E-Mail Campaigns and Marketing (CVE-2024-34568) , Jun 07, 2024
Ni Purchase Order(PO) For WooCommerce (CVE-2023-5957) , Jun 06, 2024
User registration & user profile – UserPlus (CVE-2023-0824) , Jun 07, 2024
New vulnerability
CF7 Spreadsheets (CVE-2025-31536) , Apr 05, 2025
Awesome Logos (CVE-2025-31899) , Apr 05, 2025
Flickr Photostream (CVE-2025-31467) , Apr 05, 2025
CM Header & Footer Script Loader – Insert Script Plugin (CVE-2025-31091) , Apr 05, 2025
Minimalistic Event Manager (CVE-2025-31739) , Apr 05, 2025