CVE-2018-1002006
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-1002006
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。Arigato Autoresponder and Newsletter是使用在其中的一个自动回复插件。 Wordpress Arigato Autoresponder and Newsletter 2.5版本中的integration-contact-form.html.php文件存在跨站脚本漏洞。远程攻击者可通过发送POST请求利用该漏洞注入任意的Web脚本或H
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Kiboko Labs https://calendarscripts.info/ | Arigato Autoresponder and Newsletter | unspecified ~ 2.5.1.8 | - |
II. Public POCs for CVE-2018-1002006
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-1002006
请登录查看更多情报信息。
- 🔗 https://wordpress.org/plugins/bft-autoresponder/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2018-1002006
Same Patch Batch · Kiboko Labs https://calendarscripts.info/ · 2018-12-03 · 10 CVEs total
| CVE-2018-1002000 | Wordpress Arigato Autoresponder and Newsletter SQL注入漏洞 | |
| CVE-2018-1002001 | Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 | |
| CVE-2018-1002002 | Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 | |
| CVE-2018-1002003 | Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 | |
| CVE-2018-1002004 | Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 | |
| CVE-2018-1002005 | Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 | |
| CVE-2018-1002007 | Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 | |
| CVE-2018-1002008 | Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 | |
| CVE-2018-1002009 | Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 |
IV. Related Vulnerabilities
Same product: Arigato Autoresponder and Newsletter
- CVE-2025-39594
WordPress Arigato Autoresponder and Newsletter plugin <= 2.7 - CVE-2024-34823
WordPress Arigato Autoresponder and Newsletter plugin <= 2.7 - CVE-2023-47686
WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7 - CVE-2023-25020
WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7 - CVE-2023-25031
WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7
Same vendor: Kiboko Labs https://calendarscripts.info/
- CVE-2018-1002000
Wordpress Arigato Autoresponder and Newsletter SQL注入漏洞 - CVE-2018-1002001
Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 - CVE-2018-1002002
Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 - CVE-2018-1002003
Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞 - CVE-2018-1002004
Wordpress Arigato Autoresponder and Newsletter 跨站脚本漏洞
V. Comments for CVE-2018-1002006
No comments yet