Arigato Autoresponder and Newsletter <= 2.5.1.8 is vulnerable to Authenticated reflected Cross-Site Scripting (XSS) vulnerability

N/A

Published
2018-12-03

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.

CVE

https://www.cve.org/CVERecord?id=CVE-2018-1002001, 2018-1002002, 2018-1002003, 2018-1002004, 2018-1002005, 2018-1002006, 2018-1002007, 2018-1002008, 2018-1002009

CVSS

Score:Unknown

Severity:Unknown

Version: 2.5.1.8

There is a patch available in v2.5.2 and we strongly recommend you update to this version as soon as possible.