Vulnerabilites related to acymailing - acymailing
CVE-2021-24288 (GCVE-0-2021-24288)
Vulnerability from cvelistv5
Published
2021-05-17 16:48
Modified
2024-08-03 19:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Summary
When subscribing using AcyMailing, the 'redirect' parameter isn't properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AcyMailing | Newsletter via SMTP, Sendinblue, Sendgrid, Mailgun - AcyMailing SMTP Newsletter |
Version: 7.5.0 < 7.5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:28:23.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Newsletter via SMTP, Sendinblue, Sendgrid, Mailgun - AcyMailing SMTP Newsletter",
"vendor": "AcyMailing",
"versions": [
{
"lessThan": "7.5.0",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Viktor Markopoulos"
}
],
"descriptions": [
{
"lang": "en",
"value": "When subscribing using AcyMailing, the \u0027redirect\u0027 parameter isn\u0027t properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-17T16:48:52",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "AcyMailing \u003c 7.5.0 - Unauthenticated Open Redirect",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24288",
"STATE": "PUBLIC",
"TITLE": "AcyMailing \u003c 7.5.0 - Unauthenticated Open Redirect"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Newsletter via SMTP, Sendinblue, Sendgrid, Mailgun - AcyMailing SMTP Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7.5.0",
"version_value": "7.5.0"
}
]
}
}
]
},
"vendor_name": "AcyMailing"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Viktor Markopoulos"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When subscribing using AcyMailing, the \u0027redirect\u0027 parameter isn\u0027t properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24288",
"datePublished": "2021-05-17T16:48:52",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:28:23.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39973 (GCVE-0-2023-39973)
Vulnerability from cvelistv5
Published
2023-08-17 20:06
Modified
2024-10-20 04:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| acymailing.com | AcyMailing Enterprise component for Joomla |
Version: 6.7.0-8.6.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:18:10.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39973",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T19:49:07.081674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T19:49:14.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://extensions.joomla.org/extension/acymailing-starter/",
"defaultStatus": "unaffected",
"packageName": "com_acymailing",
"product": "AcyMailing Enterprise component for Joomla",
"vendor": "acymailing.com",
"versions": [
{
"status": "affected",
"version": "6.7.0-8.6.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joomla Security Strike Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns."
}
],
"value": "Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-20T04:33:20.343Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2023-39973",
"datePublished": "2023-08-17T20:06:35.442Z",
"dateReserved": "2023-08-07T16:52:01.494Z",
"dateUpdated": "2024-10-20T04:33:20.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39971 (GCVE-0-2023-39971)
Vulnerability from cvelistv5
Published
2023-08-17 20:06
Modified
2024-10-20 04:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| acymailing.com | AcyMailing Enterprise component for Joomla |
Version: 6.7.0-8.6.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:18:10.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39971",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:09:01.484633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:11:36.796Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://extensions.joomla.org/extension/acymailing-starter/",
"defaultStatus": "unaffected",
"packageName": "com_acymailing",
"product": "AcyMailing Enterprise component for Joomla",
"vendor": "acymailing.com",
"versions": [
{
"status": "affected",
"version": "6.7.0-8.6.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joomla Security Strike Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-20T04:33:27.361Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Extension - acymailing.com - XSS in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2023-39971",
"datePublished": "2023-08-17T20:06:40.974Z",
"dateReserved": "2023-08-07T16:52:01.494Z",
"dateUpdated": "2024-10-20T04:33:27.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41867 (GCVE-0-2023-41867)
Vulnerability from cvelistv5
Published
2023-09-25 18:41
Modified
2024-09-23 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AcyMailing Newsletter Team AcyMailing plugin <= 8.6.2 versions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AcyMailing Newsletter Team | AcyMailing |
Version: n/a < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/acymailing/wordpress-acymailing-plugin-8-6-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41867",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T20:05:11.180832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T20:05:20.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "acymailing",
"product": "AcyMailing",
"vendor": "AcyMailing Newsletter Team",
"versions": [
{
"changes": [
{
"at": "8.6.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.6.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rafshanzani Suhada (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AcyMailing Newsletter Team AcyMailing plugin \u0026lt;=\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;8.6.2 versions.\u003c/span\u003e"
}
],
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AcyMailing Newsletter Team AcyMailing plugin \u003c=\u00a08.6.2 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-25T18:41:54.912Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/acymailing/wordpress-acymailing-plugin-8-6-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;8.6.3 or a higher version."
}
],
"value": "Update to\u00a08.6.3 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress AcyMailing SMTP Newsletter Plugin \u003c= 8.6.2 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-41867",
"datePublished": "2023-09-25T18:41:54.912Z",
"dateReserved": "2023-09-04T11:35:57.267Z",
"dateUpdated": "2024-09-23T20:05:20.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7384 (GCVE-0-2024-7384)
Vulnerability from cvelistv5
Published
2024-08-22 02:02
Modified
2024-08-22 14:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the acym_extractArchive function in all versions up to, and including, 9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| acyba | AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress |
Version: * ≤ 9.7.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acymailing",
"vendor": "acymailing",
"versions": [
{
"lessThanOrEqual": "9.7.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T14:09:52.644438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T14:26:47.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AcyMailing \u2013 An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress",
"vendor": "acyba",
"versions": [
{
"lessThanOrEqual": "9.7.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Hydzik"
}
],
"descriptions": [
{
"lang": "en",
"value": "The AcyMailing \u2013 An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the acym_extractArchive function in all versions up to, and including, 9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T02:02:02.326Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0c747bc9-582c-4b9f-85a4-469c446d50f5?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/acymailing/trunk/back/libraries/wordpress/file.php#L47"
},
{
"url": "https://wordpress.org/plugins/acymailing/#developers"
},
{
"url": "https://www.acymailing.com/changelog/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Facymailing\u0026old=3118953\u0026new_path=%2Facymailing\u0026new=3137644\u0026sfp_email=\u0026sfph_mail="
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3137644/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-08-21T13:54:14.000+00:00",
"value": "Disclosed"
}
],
"title": "AcyMailing \u003c= 9.7.2 - Authenticated (Subscriber+) Arbitrary File Upload via acym_extractArchive Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-7384",
"datePublished": "2024-08-22T02:02:02.326Z",
"dateReserved": "2024-08-01T14:30:24.680Z",
"dateUpdated": "2024-08-22T14:26:47.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28733 (GCVE-0-2023-28733)
Vulnerability from cvelistv5
Published
2023-03-30 11:27
Modified
2025-02-11 19:17
Severity ?
VLAI Severity ?
EPSS score ?
Summary
AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office.
This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AcyMailing | Newsletter Plugin for Joomla in the Enterprise version |
Version: 0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:37.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28733"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T19:17:01.611706Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T19:17:17.402Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Newsletter Plugin for Joomla in the Enterprise version ",
"vendor": "AcyMailing",
"versions": [
{
"lessThan": "8.3.0",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rapha\u00ebl Arrouas (Xel)"
},
{
"lang": "en",
"type": "coordinator",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Bug Bounty Switzerland"
}
],
"datePublic": "2023-03-30T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign\u0027s creation on front-office. \u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects AnyMailing Joomla Plugin\u0026nbsp;Enterprise in versions below 8.3.0. \u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign\u0027s creation on front-office. \n\nThis issue affects AnyMailing Joomla Plugin\u00a0Enterprise in versions below 8.3.0. \n\n\n\n\n\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
},
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116 Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-30T11:27:40.884Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"url": "https://www.acymailing.com/change-log/"
},
{
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28733"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eupdate to a fixed version (\u0026gt;= 8.3.0)\u003c/p\u003e"
}
],
"value": "update to a fixed version (\u003e= 8.3.0)\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-02-06T11:00:00.000Z",
"value": "Reported"
},
{
"lang": "en",
"time": "2023-03-09T11:00:00.000Z",
"value": "Initial vendor notification"
},
{
"lang": "en",
"time": "2023-03-10T11:00:00.000Z",
"value": "Initial vendor response"
},
{
"lang": "en",
"time": "2023-03-20T11:00:00.000Z",
"value": "Releasion of fixed version"
},
{
"lang": "en",
"time": "2023-03-30T10:00:00.000Z",
"value": "Coordinated public disclosure"
}
],
"title": "Stored XSS affecting the AcyMailing plugin for Joomla ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2023-28733",
"datePublished": "2023-03-30T11:27:40.884Z",
"dateReserved": "2023-03-22T09:53:07.889Z",
"dateUpdated": "2025-02-11T19:17:17.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28732 (GCVE-0-2023-28732)
Vulnerability from cvelistv5
Published
2023-03-30 11:26
Modified
2025-02-11 20:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign's creation on front-office.
This issue affects AnyMailing Joomla Plugin in versions below 8.3.0.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AcyMailing | Newsletter Plugin for Joomla |
Version: 0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:43:23.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/acyba/acymailing/releases/tag/v8.3.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28732"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T20:08:02.489166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T20:10:17.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Newsletter Plugin for Joomla ",
"repo": "https://github.com/acyba/acymailing/",
"vendor": "AcyMailing",
"versions": [
{
"lessThan": "8.3.0",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rapha\u00ebl Arrouas (Xel)"
},
{
"lang": "en",
"type": "coordinator",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Bug Bounty Switzerland"
}
],
"datePublic": "2023-03-30T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing access control in\u0026nbsp;AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign\u0027s creation on front-office. \u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects AnyMailing Joomla Plugin in versions below 8.3.0. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "Missing access control in\u00a0AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign\u0027s creation on front-office. \n\nThis issue affects AnyMailing Joomla Plugin in versions below 8.3.0. \n\n\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
},
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-30T11:26:27.209Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"url": "https://www.acymailing.com/change-log/"
},
{
"url": "https://github.com/acyba/acymailing/releases/tag/v8.3.0"
},
{
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28732"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eupdate to a fixed version (\u0026gt;= 8.3.0)\u003c/p\u003e"
}
],
"value": "update to a fixed version (\u003e= 8.3.0)\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-02-01T11:00:00.000Z",
"value": "Reported"
},
{
"lang": "en",
"time": "2023-03-09T11:00:00.000Z",
"value": "Initial vendor notification"
},
{
"lang": "en",
"time": "2023-03-10T11:00:00.000Z",
"value": "Initial vendor response"
},
{
"lang": "en",
"time": "2023-03-20T11:00:00.000Z",
"value": "Releasion of fixed version"
},
{
"lang": "en",
"time": "2023-03-30T10:00:00.000Z",
"value": "Coordinated public disclosure "
}
],
"title": "Missing access control affecting the AcyMailing plugin for Joomla",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2023-28732",
"datePublished": "2023-03-30T11:26:27.209Z",
"dateReserved": "2023-03-22T09:53:07.889Z",
"dateUpdated": "2025-02-11T20:10:17.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28731 (GCVE-0-2023-28731)
Vulnerability from cvelistv5
Published
2023-03-30 11:25
Modified
2025-02-11 20:11
Severity ?
VLAI Severity ?
EPSS score ?
Summary
AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code to be injected.
This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AcyMailing | Newsletter Plugin for Joomla in the Enterprise version |
Version: 0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:43:23.737Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28731"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T20:10:51.852642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T20:11:00.208Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Newsletter Plugin for Joomla in the Enterprise version",
"vendor": "AcyMailing",
"versions": [
{
"lessThan": "8.3.0",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rapha\u00ebl Arrouas (Xel)"
},
{
"lang": "en",
"type": "coordinator",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Bug Bounty Switzerland"
}
],
"datePublic": "2023-03-30T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eAnyMailing Joomla Plugin is vulnerable to\u0026nbsp;unauthenticated remote code execution,\u0026nbsp;when being granted access to the campaign\u0027s creation on front-office due to unrestricted file upload allowing PHP code to be injected. \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects AnyMailing Joomla Plugin\u0026nbsp;Enterprise in versions below 8.3.0. \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "AnyMailing Joomla Plugin is vulnerable to\u00a0unauthenticated remote code execution,\u00a0when being granted access to the campaign\u0027s creation on front-office due to unrestricted file upload allowing PHP code to be injected. \n\n\n\nThis issue affects AnyMailing Joomla Plugin\u00a0Enterprise in versions below 8.3.0. \n\n\n\n\n\n\n\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-30T11:25:36.854Z",
"orgId": "455daabc-a392-441d-aa46-37d35189897c",
"shortName": "NCSC.ch"
},
"references": [
{
"url": "https://www.acymailing.com/change-log/"
},
{
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28731"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eupdate to a fixed version (\u0026gt;= 8.3.0)\u003c/p\u003e"
}
],
"value": "update to a fixed version (\u003e= 8.3.0)\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-02-01T11:00:00.000Z",
"value": "Reported"
},
{
"lang": "en",
"time": "2023-03-09T11:00:00.000Z",
"value": "Initial vendor notification "
},
{
"lang": "en",
"time": "2023-03-10T11:00:00.000Z",
"value": "Initial vendor response "
},
{
"lang": "en",
"time": "2023-03-20T11:00:00.000Z",
"value": "Releasion of fixed version"
},
{
"lang": "en",
"time": "2023-03-30T10:00:00.000Z",
"value": "Coordinated public disclosure "
}
],
"title": "Unauthenticated RCE affecting the AcyMailing plugin for Joomla",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePrevent the execution of PHP files in the thumbnail directory to prevent the injected code from being executed\u003c/p\u003e"
}
],
"value": "Prevent the execution of PHP files in the thumbnail directory to prevent the injected code from being executed\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
"assignerShortName": "NCSC.ch",
"cveId": "CVE-2023-28731",
"datePublished": "2023-03-30T11:25:36.854Z",
"dateReserved": "2023-03-22T09:53:07.889Z",
"dateUpdated": "2025-02-11T20:11:00.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39972 (GCVE-0-2023-39972)
Vulnerability from cvelistv5
Published
2023-08-17 20:06
Modified
2024-10-20 04:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| acymailing.com | AcyMailing Enterprise component for Joomla |
Version: 6.7.0-8.6.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:18:10.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T19:48:33.885440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T19:48:41.120Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://extensions.joomla.org/extension/acymailing-starter/",
"defaultStatus": "unaffected",
"packageName": "com_acymailing",
"product": "AcyMailing Enterprise component for Joomla",
"vendor": "acymailing.com",
"versions": [
{
"status": "affected",
"version": "6.7.0-8.6.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joomla Security Strike Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists."
}
],
"value": "Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-20T04:33:20.711Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2023-39972",
"datePublished": "2023-08-17T20:06:39.150Z",
"dateReserved": "2023-08-07T16:52:01.494Z",
"dateUpdated": "2024-10-20T04:33:20.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39974 (GCVE-0-2023-39974)
Vulnerability from cvelistv5
Published
2023-08-17 20:06
Modified
2024-10-20 04:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| acymailing.com | AcyMailing Enterprise component for Joomla |
Version: 6.7.0-8.6.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:18:10.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39974",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T19:47:55.762491Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T19:48:05.341Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://extensions.joomla.org/extension/acymailing-starter/",
"defaultStatus": "unaffected",
"packageName": "com_acymailing",
"product": "AcyMailing Enterprise component for Joomla",
"vendor": "acymailing.com",
"versions": [
{
"status": "affected",
"version": "6.7.0-8.6.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joomla Security Strike Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list."
}
],
"value": "Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-20T04:33:25.578Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Extension - acymailing.com - Exposure of Sensitive Information in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2023-39974",
"datePublished": "2023-08-17T20:06:39.321Z",
"dateReserved": "2023-08-07T16:52:01.494Z",
"dateUpdated": "2024-10-20T04:33:25.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-05-17 17:15
Modified
2024-11-21 05:52
Severity ?
Summary
When subscribing using AcyMailing, the 'redirect' parameter isn't properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "35D57382-7135-46CE-84E0-5F4FA821FB1A",
"versionEndExcluding": "7.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When subscribing using AcyMailing, the \u0027redirect\u0027 parameter isn\u0027t properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim."
},
{
"lang": "es",
"value": "Cuando se suscriben usando AcyMailing, el par\u00e1metro \"redirect\" no es saneado apropiadamente.\u0026#xa0;Al cambiar la petici\u00f3n de POST a GET, un atacante puede dise\u00f1ar un enlace que contenga una p\u00e1gina de destino potencialmente maliciosa y envi\u00e1rsela a la v\u00edctima"
}
],
"id": "CVE-2021-24288",
"lastModified": "2024-11-21T05:52:46.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-17T17:15:08.080",
"references": [
{
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/56628862-1687-4862-9ed4-145d8dfbca97"
}
],
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "contact@wpscan.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-17 21:15
Modified
2024-11-21 08:16
Severity ?
Summary
Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:enterprise:joomla\\!:*:*",
"matchCriteriaId": "8B4D61C7-1AAD-43DA-890F-EC999F056C6E",
"versionEndExcluding": "8.7.0",
"versionStartIncluding": "6.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web en el componente AcyMailing Enterprise para Joomla permite Cross-Site Scripting (XSS). Este problema afecta al componente AcyMailing Enterprise para Joomla: 6.7.0-8.6.3."
}
],
"id": "CVE-2023-39971",
"lastModified": "2024-11-21T08:16:09.057",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-17T21:15:09.357",
"references": [
{
"source": "security@joomla.org",
"tags": [
"Product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"source": "security@joomla.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"sourceIdentifier": "security@joomla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@joomla.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-17 21:15
Modified
2024-11-21 08:16
Severity ?
Summary
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:enterprise:joomla\\!:*:*",
"matchCriteriaId": "8B4D61C7-1AAD-43DA-890F-EC999F056C6E",
"versionEndExcluding": "8.7.0",
"versionStartIncluding": "6.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists."
},
{
"lang": "es",
"value": "Vulnerabilidad de control de acceso inadecuado en el componente AcyMailing Enterprise para Joomla. Permite a usuarios no autorizados crear nuevas listas de correo."
}
],
"id": "CVE-2023-39972",
"lastModified": "2024-11-21T08:16:09.200",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-17T21:15:09.437",
"references": [
{
"source": "security@joomla.org",
"tags": [
"Product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"source": "security@joomla.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"sourceIdentifier": "security@joomla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "security@joomla.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-30 12:15
Modified
2024-11-21 07:55
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office.
This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnerability@ncsc.ch | https://www.acymailing.com/change-log/ | Release Notes | |
| vulnerability@ncsc.ch | https://www.bugbounty.ch/advisories/CVE-2023-28733 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.acymailing.com/change-log/ | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bugbounty.ch/advisories/CVE-2023-28733 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:joomla\\!:*:*",
"matchCriteriaId": "42A293DB-98EF-464D-BF05-6E47C6EED94C",
"versionEndExcluding": "8.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign\u0027s creation on front-office. \n\nThis issue affects AnyMailing Joomla Plugin\u00a0Enterprise in versions below 8.3.0. \n\n\n\n\n\n\n\n\n"
}
],
"id": "CVE-2023-28733",
"lastModified": "2024-11-21T07:55:53.763",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7,
"source": "vulnerability@ncsc.ch",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-30T12:15:07.663",
"references": [
{
"source": "vulnerability@ncsc.ch",
"tags": [
"Release Notes"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"source": "vulnerability@ncsc.ch",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28733"
}
],
"sourceIdentifier": "vulnerability@ncsc.ch",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-116"
}
],
"source": "vulnerability@ncsc.ch",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-17 21:15
Modified
2024-11-21 08:16
Severity ?
Summary
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:enterprise:joomla\\!:*:*",
"matchCriteriaId": "8B4D61C7-1AAD-43DA-890F-EC999F056C6E",
"versionEndExcluding": "8.7.0",
"versionStartIncluding": "6.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns."
},
{
"lang": "es",
"value": "Vulnerabilidad de control de acceso inadecuado en el componente AcyMailing Enterprise para Joomla. Permite la eliminaci\u00f3n no autorizada de archivos adjuntos de las campa\u00f1as."
}
],
"id": "CVE-2023-39973",
"lastModified": "2024-11-21T08:16:09.340",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-17T21:15:09.503",
"references": [
{
"source": "security@joomla.org",
"tags": [
"Product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"source": "security@joomla.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"sourceIdentifier": "security@joomla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "security@joomla.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-17 21:15
Modified
2024-11-21 08:16
Severity ?
Summary
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:enterprise:joomla\\!:*:*",
"matchCriteriaId": "8B4D61C7-1AAD-43DA-890F-EC999F056C6E",
"versionEndExcluding": "8.7.0",
"versionStartIncluding": "6.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list."
},
{
"lang": "es",
"value": "Vulnerabilidad de exposici\u00f3n de informaci\u00f3n sensible en el componente AcyMailing Enterprise para Joomla. Permite a actores no autorizados obtener el n\u00famero de suscriptores de una lista espec\u00edfica."
}
],
"id": "CVE-2023-39974",
"lastModified": "2024-11-21T08:16:09.487",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-17T21:15:09.587",
"references": [
{
"source": "security@joomla.org",
"tags": [
"Product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"source": "security@joomla.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://extensions.joomla.org/extension/acymailing-starter/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/"
}
],
"sourceIdentifier": "security@joomla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security@joomla.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-22 03:15
Modified
2024-09-27 13:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the acym_extractArchive function in all versions up to, and including, 9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "BE14DB85-BB7F-4090-B329-04BF0551E45B",
"versionEndExcluding": "9.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AcyMailing \u2013 An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the acym_extractArchive function in all versions up to, and including, 9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
},
{
"lang": "es",
"value": "El complemento AcyMailing \u2013 An Ultimate Newsletter Plugin and Marketing Automation Solution para WordPress es vulnerable a cargas de archivos arbitrarias debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n acym_extractArchive en todas las versiones hasta la 9.7.2 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2024-7384",
"lastModified": "2024-09-27T13:15:28.443",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "security@wordfence.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-22T03:15:04.130",
"references": [
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://plugins.trac.wordpress.org/browser/acymailing/trunk/back/libraries/wordpress/file.php#L47"
},
{
"source": "security@wordfence.com",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset/3137644/"
},
{
"source": "security@wordfence.com",
"tags": [
"Patch"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Facymailing\u0026old=3118953\u0026new_path=%2Facymailing\u0026new=3137644\u0026sfp_email=\u0026sfph_mail="
},
{
"source": "security@wordfence.com",
"tags": [
"Release Notes"
],
"url": "https://wordpress.org/plugins/acymailing/#developers"
},
{
"source": "security@wordfence.com",
"tags": [
"Release Notes"
],
"url": "https://www.acymailing.com/changelog/"
},
{
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0c747bc9-582c-4b9f-85a4-469c446d50f5?source=cve"
}
],
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "security@wordfence.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-30 12:15
Modified
2024-11-21 07:55
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign's creation on front-office.
This issue affects AnyMailing Joomla Plugin in versions below 8.3.0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:joomla\\!:*:*",
"matchCriteriaId": "42A293DB-98EF-464D-BF05-6E47C6EED94C",
"versionEndExcluding": "8.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing access control in\u00a0AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign\u0027s creation on front-office. \n\nThis issue affects AnyMailing Joomla Plugin in versions below 8.3.0. \n\n\n\n\n\n"
}
],
"id": "CVE-2023-28732",
"lastModified": "2024-11-21T07:55:53.637",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "vulnerability@ncsc.ch",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-30T12:15:07.620",
"references": [
{
"source": "vulnerability@ncsc.ch",
"tags": [
"Release Notes"
],
"url": "https://github.com/acyba/acymailing/releases/tag/v8.3.0"
},
{
"source": "vulnerability@ncsc.ch",
"tags": [
"Release Notes"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"source": "vulnerability@ncsc.ch",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/acyba/acymailing/releases/tag/v8.3.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28732"
}
],
"sourceIdentifier": "vulnerability@ncsc.ch",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "vulnerability@ncsc.ch",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-25 19:15
Modified
2024-11-21 08:21
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AcyMailing Newsletter Team AcyMailing plugin <= 8.6.2 versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0927132A-681A-45AD-885E-C13E18EC2640",
"versionEndExcluding": "8.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AcyMailing Newsletter Team AcyMailing plugin \u003c=\u00a08.6.2 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento AcyMailing Newsletter Team AcyMailing en versiones \u0026lt;= 8.6.2."
}
],
"id": "CVE-2023-41867",
"lastModified": "2024-11-21T08:21:49.280",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7,
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-25T19:15:10.177",
"references": [
{
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/acymailing/wordpress-acymailing-plugin-8-6-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/acymailing/wordpress-acymailing-plugin-8-6-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"sourceIdentifier": "audit@patchstack.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "audit@patchstack.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-30 12:15
Modified
2024-11-21 07:55
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code to be injected.
This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnerability@ncsc.ch | https://www.acymailing.com/change-log/ | Release Notes | |
| vulnerability@ncsc.ch | https://www.bugbounty.ch/advisories/CVE-2023-28731 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.acymailing.com/change-log/ | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bugbounty.ch/advisories/CVE-2023-28731 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| acymailing | acymailing | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:acymailing:acymailing:*:*:*:*:*:joomla\\!:*:*",
"matchCriteriaId": "42A293DB-98EF-464D-BF05-6E47C6EED94C",
"versionEndExcluding": "8.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AnyMailing Joomla Plugin is vulnerable to\u00a0unauthenticated remote code execution,\u00a0when being granted access to the campaign\u0027s creation on front-office due to unrestricted file upload allowing PHP code to be injected. \n\n\n\nThis issue affects AnyMailing Joomla Plugin\u00a0Enterprise in versions below 8.3.0. \n\n\n\n\n\n\n\n\n\n\n"
}
],
"id": "CVE-2023-28731",
"lastModified": "2024-11-21T07:55:53.507",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "vulnerability@ncsc.ch",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-30T12:15:07.573",
"references": [
{
"source": "vulnerability@ncsc.ch",
"tags": [
"Release Notes"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"source": "vulnerability@ncsc.ch",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.acymailing.com/change-log/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.bugbounty.ch/advisories/CVE-2023-28731"
}
],
"sourceIdentifier": "vulnerability@ncsc.ch",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "vulnerability@ncsc.ch",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}